The Opportunity
Future focused and always one step ahead!
This role is embedded within the Integrated Risk Management Function, with primary responsibility for supporting the implementation of the Munich Re Group Information Security Management (ISM) and Business Continuity Management (BCM) frameworks across North America Non-Life entities. The key objective is to ensure the effective implementation and adaptation of ISM and BCM requirements at the entity level, aligned with local regulatory requirements and Group-wide objectives. Additionally, this role will support the independent review and assessment of information security and business continuity risks. To achieve these goals, close collaboration and alignment with various functional areas is essential, including IT, Legal & Compliance, Third-Party Risk Management, Business Continuity Management (BCM), and entity-level Management.
Responsibilities
- Support the implementation of ISM and BCM frameworks that align with both local and Group requirements, entailing the identification, measurement, monitoring, control, and reporting of non-financial risks, with a specific focus on information security and business continuity.
- Support a multi-functional program aimed at ensuring compliance with relevant regulatory requirements, including the New York Department of Financial Services Cybersecurity regulation, California Consumer Privacy legislation, various state Insurance Data Security acts, and applicable Canadian regulations. This involves maintaining up-to-date security standards and practices that address evolving threats, vulnerabilities, and control techniques, as well as proposing initiatives and influencing necessary changes to these standards.
- Participate in information security incident task forces, including post-incident reviews and "Lessons Learned" exercises, to evaluate and manage significant information security incidents. This role also involves assessing the materiality of risk during incidents, particularly in the context of Enterprise Risk for impacted legal entities, and contributing to the documentation and reporting of such incidents.
- Oversee the business continuity management life cycle for American Modern, which includes delivering training on BCM applications and tools, as well as providing analytical and administrative support to the BCM program.
- Contribute to the development and revision of company guidelines related to information security management, business continuity, and third-party risk management, ensuring these guidelines are aligned with local requirements.
- Promote risk awareness among staff, particularly regarding information security, and develop and deliver associated training programs to enhance awareness and compliance.
- Participate in additional company initiatives as required.
Qualifications
- Undergraduate degree in computer science, information security, IT management, or a related field. An MBA or Risk Management credentials are desirable.
- A minimum of 5 years’ experience, preferably within a large company or the (re)insurance industry. Experience in governance, risk and compliance is preferred; prior technical information security background is a significant advantage.
- Relevant certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), or Certified Business Continuity Professional (CBCP), are preferred but not required.
- Strong interpersonal and team-building skills, with the ability to collaborate effectively in international and hybrid settings, are essential.
- Excellent analytical, conceptual, and presentation skills are required, with the ability to communicate complex information to diverse audiences, including Board-level stakeholders.
- Experience in IT, information security, business continuity planning, or audit would be an asset to this role.