Assume management of the security risk management process.
Lead a team focused on collaborating and helping business units identify their security related risks.
Ensure alignment of security policy, standards, and controls with the enterprise security risk management framework to produce scalability and flexibility.
Working across the security teams, and collaboratively with business lines and functions to assess security related business impacting risks and their prioritization.
Educate on and evangelize the cybersecurity risk management framework, allowing risk owners to execute on their commitments as owners.
Identify risk owners, empower them with data for decision making, to help the execution of risk action plans, and all open and pending risks.
Document and champion methods of using risk for prioritization, assisting teams in leveraging risk in their own planning methodologies.
Partner closely with other teams managing elements of risk across Ascot, including our Privacy teams.
Measure cybersecurity risk, identifying and tracking key risk indicators, and publish as part of metrics dashboards.
Fully integrate cybersecurity into third party risk management, ensuring requirements are met by all types of our vendors and suppliers.
Drive a culture of continuous risk management, where cybersecurity risk is both constantly measured and also baked into decision making frameworks.
Integrate threat intelligence into risk management, ensuring our priorities are based on real world threats.
Lead the cybersecurity metrics program, building ways to communicate state of cybersecurity to all stakeholders, include the board of directors.
Requirements
Minimum of 8+ years of experience in Cyber / IT Risk management.
Property & Casualty insurance industry experience preferred.
CRISC or equivalent certification required.
Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from senior leadership to technical specialists.
Knowledge of current and upcoming methodologies and trends in the cybersecurity landscape.
Project management skills to assist with the development and execution of strategic security roadmaps to strengthen and continuously improve information security of the business.
Knowledge and understanding of the design and deployment of security capabilities in operational and manufacturing environments.
Familiarity with existing and experimental cybersecurity philosophies and experience implementing leading edge capabilities.
Excellent leadership skills to direct the information security team and collaborate with other business teams.
Knowledge and experience with industry cyber security frameworks, such as NIST CSF, CIS, ISO27001
Regulatory compliance knowledge, including Lloyd’s cyber principles, PRA / FCA, NYS DFS Part 500, BMA Cyber Code of Conduct, GDPR and CCPA.
Director, Identity And Access Management Risk Lead
Be the risk management thought leader and advisor to the IAM leadership team, serving as the subject matter expert on our risk management approach, frameworks and processes. As a Director of Cyber Risk and Analysis at Capital One, you will be part of the Identity & Access Management (IAM) organizat...
SVP, Program Management Senior Lead - Risk Transformation Execution - C14 (Hybrid)
Lead development of ad hoc reporting for Risk Execution Lead, Head of Enterprise Risk Management and Chief Risk Officer as it relates to Risk transformation. The SVP Program Management Senior Lead will lead efforts related to reporting and analytics, senior management, board and regulatory related c...
Compliance Risk Management Lead - Vice President
Advise the business on compliance issues relevant to new and existing defined contribution and managed account products and services * Support Wealth Management's Portfolio Analysis Group (PAG), which calculates performance and generates related analytics for discretionary and brokerage in...
Risk Management/MCA Lead
Business Risk & Controls - Risk Management/MCA Lead. This will primarily include the transformation and the ongoing coordination and management of the department s MCA / RCSA, the production of Risk and Control metrics for the Business Risk and Control Committee (BRCC) , interaction with the Consent...
Technology Operational Risk Management Director (Tech & Cyber) - Executive Director
The Compliance, Conduct Operational Risk (CCOR) CIB Market Technology Risk lead reports directly into the Technology Operational Risk Officer and is responsible for analysis and identification of operational risks to business processes. Job Responsibilities * Identify technology operationa...
Risk Management Lead
Grow your career as a Risk Management Lead with an innovative global bank in New York, NY. Business Risk, Operational Risk, Compliance, and/or Governance and Control in the Financial Services industry. Production of Risk and Control metrics for the Business Risk and Control Committee (BRCC). Extensi...
Risk Management - Lead Credit Officer, Associate
Engage with senior members of Treasury/Chief Investment Office Credit Risk and the Portfolio Management teams to complete risk analysis, present conclusions and facilitate timely investment approvals Job responsibilities * Participate in portfolio credit impairment projections as part...
Wealth Risk Program Management Senior Lead - C14 - NEW YORK
Strongly preferred prior experience and understanding of one or more risk management disciplines in a large global bank environment ( operational risk, credit risk, market risk, risk identification and assessment, risk appetite, etc. Risk Wealth Program Management leader in the Risk Program Manageme...
Risk Management - Market Risk Coverage Lead - Vice President
The CTC Chief Risk Officer (CRO) reports to the Firmwide CRO and is responsible for the end to end risk framework for the CTC line of business; including, but not limited to, Market Risk, Credit Risk, Liquidity Risk, Interest Rate Risk, Operational Risk, Pensions and BOLI COLI, Country Risk, Princip...
Third-Party Risk Management, 4th Party Program Lead
The Bank’s Third-Party Risk Management (TPRM) Department provides a central point of facilitation and support of the third-party management lifecycle which includes planning, due diligence, contract management, ongoing monitoring, and termination of third-party relationships. Your role as Third Part...