About the Client
Our client is one of the world’s leading providers of reinsurance, insurance and other forms of insurance-based risk transfer, working to make the world more resilient. It anticipates and manages risk – from natural catastrophes to climate change, from ageing populations to cybercrime.
About the Role
You will be part of our client’s CISO Organization and work closely together with the IT Governance team and Global Sourcing. This program is responsible for identifying and assessing third parties with a high cyber risk exposure, assessing compliance with best-practice standards, and ensuring, in close coordination with third parties, that risk mitigation activities are addressed and implemented.
In your new role you will work together with a specialized offshore assessment team, build up an internal network with specialists and service recipients across the whole organisation, and collaborate with people from many countries around the globe. You act as an enabler and coordinator between the recipient of the service and the assessment team. One of your responsibilities will be assessments of third parties during due diligence / onboarding, in areas of special needs, or in cases where assurance reports require a risk-based review. You will get insights into many companies and learn about different approaches to managing cyber risks.
- Experience in IT Audit, risk management or security activities, preferably in the financial services industry
- Able to work on your own with minimum guidance and build a network with other subject matter experts
- Sound knowledge of information security on a technical as well as a security management level
- Knowledge of ISO 2700x / NIST SP 800-53 / ISAE 3000 / SOC 2 standards and reports
- Ability to describe IT related risks and controls, bring them into the business context and communicate assessment results effectively at all levels of the organisation
- Sufficient knowledge of third-party management/outsourcing processes and risks to allow a professional discussion with Sourcing / Risk / Legal managers
- Degree or qualification in a Business IT-related discipline or equivalent technical and business experience
- CISA or CISM certification
- Good to excellent command of English
- Any additional language is a plus
Nice to Have Skills