Job Seekers, Please send resumes to resumes@hireitpeople.com

Job Responsibilities:

Implement Risk Assessment services, which includes processing and completing risk assessment requests from various departments and offices in RGA Designs, implements, and maintains IT Governances Risk Management Framework Help facilitate risk assessment workshops that include threat analysis, control effectiveness evaluation, and risk remediation recommendations Work with various RGA departments to assess project and data risks associated to security and compliance requirements, and provide guidance and advise for stakeholders to make decisions Maintain proper linkage from IT risk and controls register to Corporate and IT level policies. Assist with RGA Compliance Inquiry requests process, which includes responding to clients security and risk assessment questionnaires Perform other duties as assigne

Required Experience:

4+ years IT security, privacy, audit, controls and regulatory compliance, or related experience Intermediate ability to evaluate IT controls objectives and feasibility Intermediate oral and written communication skills, demonstrating the ability to convey complex technical and security concepts and terminology to that which is meaningful and well received by the customer Intermediate knowledge of broad security and risk management related practices Ability to manage multiple projects and/or sub - teams simultaneously, including the ability to delegate key areas of responsibility Ability to adapt to new methods, work under tight deadlines and stressful conditions Ability to work well within a team Intermediate investigative, analytical, and problem-solving skills Ability to liaise with individuals across a wide variety of operational, functional, and technical disciplines Ability to translate business needs and problems into viable/accepted solutions Intermediate skills in customer relationship management Ability to resolve conflict and foster teamwork Experience leading security risk assessments, regulatory compliance audits/inquiries, and control assessments Knowledge of risk and control frameworks (e.g., NIST CSF, NIST 800-53, ISO/IEC 27001)

Education:

Required: Bachelors degree or equivalent experience Preferred: Masters degree and/or LOMA certification

Technical Requirements:

Basic understanding of IT domains: infrastructure, networking, storage, databases, operating systems, cloud, applications, etc. Strong understanding of security technologies, including: SSO, IAM, DLP, EDR, SIEM, firewalls, gateways, IDS/IPS, CASB, antivirus, SSDLC, cryptography, PKI, etc.

Preferred Experience:

Insurance/Reinsurance industry knowledge/experience Experience with risk quantification (FAIR or Hubbard Decision Research) Information security, compliance, risk, or audit professional certifications, such as: CISSP, CISA, CRISC, CISM, CGEIT, CPA, CIA Experience reviewing SSAE 16/ SSAE 18 attestations Project management skills/experience Strong understanding of domestic and global security & privacy regulations

Preferred Technical Experience:

Cloud assessment experience (AWS, Azure, Google Cloud, etc.) Previous experience as a Systems Administrator, IT Auditor, Developer, Penetration Tester, Cloud Security Engineer, GRC Analyst, Risk Analyst, Information Security Analyst/Engineer/Consultant