Beazley Group
Senior Information Security Manager
Beazley Group, West Hartford, Connecticut, United States,
General Division: CISO Reports To: As per Beazley's organization chart Key Relationships: Security Team, CISO, Compliance, Data Management, Risk Management, Information Security Committee, Suppliers, C-level Executives, Regulators and Industry collaboration groups Job Summary: An exciting opportunity for US based candidates to join our dynamic and innovative IT team. Assist with the delivery of the global security function supporting the global CISO in line with Beazley's global business strategy. This will involve risk assessments, security assurance activities, training and awareness, driving a holistic security. The successful candidate will also focus on developing and maintaining policies and standards and continue to embed a first-class security culture. Key Relationships: CISO, Compliance, Data Management, Risk Management, Information Security Committee, Suppliers, C-level Executives, Regulators and Industry collaboration groups, Job Summary: An exciting opportunity for US based candidates to join our dynamic and innovative internal security tea, reporting into the Head of Information security within the CISO team at Beazley. This role will assist with the delivery of the global security function supporting the global CISO in line with Beazley's global business strategy. This will involve Third Party Assurance Assessments, Security Training and Awareness delivery, development and updating security policies and delivering these through governance chains, supporting the assurance of access management controls, incident response, and other relevant security assurance activities. The successful candidate will also focus on embedding a first-class security culture for the business. Key Responsibilities: Work closely with colleagues across the business to promote a strong Information Security culture and ensure compliance with Information Security policies and procedures. Deliver third party security assurance activities globally to ensure suppliers are operating within defined risk appetite. Support the development of IAM capabilities across the business. Support the development and maintenance of the Information Security policy framework in-line with risk appetite, legislation and industry best practices. Develop and maintain cyber policies and standards aligned agreed internal and industry standard frameworks. Support the development of information security training and awareness across the business, ensuring targeted and bespoke training is developed to support key areas of the business. Create and Support Information Security risk assessments across the technology stack. Proactive identification of security concerns, documenting and escalating security concerns to the Head of Information Security and Group CISO. Support the response to security incidents and vulnerabilities. Provide Information Security advice and guidance to the business. Support the response to internal and external Information Security enquiries, including audit and regulatory enquiries. Remain up to date with the latest security information to support the understanding of Beazley's data landscape. Ensure data risks and threats facing Beazley are understood and articulated to the CISO and wider security team to ensure the timely configurating of existing technologies to get ahead of known and perceived data security. Produce concise and accurate reports and executive summaries of Information Security topics and techniques. Participate and contribute to the Beazley Security Committee. Contribute to security reports including keeping track of information security metrics. Deliver BAU activities as directed by the Head of Information Security. Skills and Knowledge Specification: Skills and Abilities Excellent written and oral communications skills. The ability to communicate technical and security-related concepts to a broad range of technical and non-technical staff and management. The ability to prioritize work and deliver results in a pressurized environment, through tactical and strategic planning. The ability to manage significant stakeholder contact, providing expert advice which demonstrates judgement and an understanding of the business. A demonstrated ability to develop strong relationships across businesses. Confident and assured at interacting and communicating effectively with a range of stakeholders. Self-motivation, with an ability to work with high degree of autonomy and to be results-driven with a flexible approach to working. An understanding of the various data regulations and requirements that Beazley is subject to, in the UK, the US and around the world. Strong understanding of IT security principles, standards, and best practices particularly relating to third party assurance, Identity & Access Management and Privileged Access Management, Training and Awareness. Strong problem-solving skills to troubleshoot, be able to understand technically assigned tasks and follow documented procedures. Ability to function under pressure in an independent environment demonstrating high-energy, detail-oriented proactiveness. Knowledge and Experience At least five years' work experience within information or IT Security operations. Deep knowledge of third-party assurance, training and awareness cultural change and delivery, risk assessments and creating, updating and embedding security policies and standards into an organization. Experience working with Information Security Governance policy developers. Ability to handle sensitive situations with discretion and employ high ethical standards. Advanced understanding of sensitive data types, their handling requirements and how to respond to their exposure. Good knowledge of the data protection regulations in all territories in which Beazley operates Aptitude and Disposition Outcome focused, self-motivated, flexible and enthusiastic. Professional approach to successfully interact with managers/colleagues/external suppliers. Competencies Technical expertise Conceptual thinking and problem solving Collaboration and coaching Planning and managing resources effectively Delivery orientation, initiative and drive Purposeful communication and capacity to influence others. Team player Customer and business focused. General Who We Are Beazley is a specialist insurance company with over 30 years' experience helping people, communities and businesses to manage risk all around the world. Our mission is to provide Beautifully Designed Insurance, innovating to give our clients the maximum benefit with minimum hassle. Our products are wide ranging, from cyber & tech insurance to marine, healthcare, financial institutions and contingency, covering risks such as the weather, film production or protection from deadly weapons. Our Culture We employ over 1,500 people globally, hosting a wonderful diversity of cultures, experiences and backgrounds. We are proud of our unique culture at Beazley that empowers our staff to work from when and where they want, in an adult environment that's low on policies & politics but big on collaboration, diversity & personal accountability. Our three core values inspire the way we work and how we treat our customers and people - 1) Be bold 2) Strive for better 3) Do the right thing. Upholding these values every day enables us to become an innovative and responsive organization, in touch with the changing world and marketplace around us. We have set ambitious diversity & sustainability targets as we strive to better our business and the insurance industry as whole. The rewards: The opportunity to connect and build long-lasting professional relationships while advancing your career with a growing, dynamic organization Attractive base compensation and discretionary performance related annual bonus Competitively priced medical, dental and vision insurance Company paid life, and short- and long-term disability insurance 401(k) plan with 5% company match and immediate vesting 22 days annual PTO (full-time, prorated for 1st calendar year of employment), plus paid public holidays with the ability to flex the religious bank holidays to suit your religious beliefs. Additional PTO purchase is available up to a maximum of 5 days per calendar year. Up to $700 reimbursement towards home office setup Free in-office lunch, travel reimbursement for travel to office, and monthly lifestyle allowance in support of your wellbeing The opportunity to save for, and purchase, shares of Beazley stock Six months fully paid parental leave, regardless of how you come to parenthood Company paid sabbatical up to 12 weeks after 10 years of continued service Support with exam/study leave and fees for relevant qualifications related to furthering education Up to 2.5 days matched paid leave for volunteering at a charity of your choice and 5 days paid leave to provide or arrange care for a dependent with a long-term care need annually Smart working policy and flexible working culture, trusting our employees to do what works best for them, their role and the needs of the business Salary for this role will be tailored to the successful individual's location and experience. The expected compensation range for this position is $100,000 - $120,000 per year plus discretionary annual bonus. You will be able to discuss your salary expectations should you be contacted about this role. Responsibilities Key Responsibilities: Work closely with colleagues across the business to promote and strong Information Security culture and ensure compliance with Information Security policies and procedures. Deliver third party security assurance activities globally to ensure suppliers are operating within defined risk appetite. Create and Support Information Security risk assessments across the technology stack and at physical locations. Proactive identification of security concerns and address escalated or high-risk issues. Provide initial point of contact and triage for Information Security requests from across the business. Support the response to security incidents and vulnerabilities. Support the development and maintenance of the Information Security policy framework in-line with risk appetite, legislation and industry best practices. Develop and maintain cyber policies and standards aligned with ISO 27001, NIST or other agreed frameworks. Provide Information Security advice and guidance. Maintain an awareness of the existing and emerging threat landscape. Support the response to security incidents and vulnerabilities. Support the response to internal and external Information Security enquiries. Deliver BAU activities as directed. Ensure security policies are up to date and used appropriately and effectively across the business, creating training for business areas as required. Remain up to date with the latest security information to support the understanding of Beazley's data landscape. Ensure data risks and threats facing Beazley are understood and articulated to the CISO and wider security team to ensure the timely configurating of existing technologies to get ahead of known and perceived data security. Serve as an SME the user's perspective. Help develop functional requirements, processes, and automation. Support efforts increase efficiency of Information Security activities. Manage relationships that contribute to expanding Information security. Ensure the CISO and wider security team has deep knowledge around mitigating Information Security activities. Produce concise and accurate reports and executive summaries of Information Security topics and techniques. Feed threat knowledge into the security awareness, training and cultural change programme. Support the development of data management and digital risk monitoring. Support Information Security risk assessments across the technology stack and at physical locations. Undertake continual service improvement activities. Proactive identification of security concerns and address escalated or high-risk vulnerabilities. Provide initial point of contact and triage for Information Security requests from across the business. Work closely with colleagues across the business to promote and strong Information Security culture and ensure compliance with Information Security policies and procedures. Support the development and maintenance of the Information Security policy framework in-line with risk appetite, legislation and industry best practices. Support the response to internal and external Information Security enquiries. Participate and contribute to the various Beazley Committees. Contribute to security reports including keeping track of information security metrics. General Leverage networking opportunities within the business to develop standardised underwriting policy and best practice within Beazley. Develop best practice and disseminate business and class knowledge within the Healthcare and Specialty Risks team. Work with peers within Healthcare and Specialty Risks to maximise business opportunities and profitability within the department. This will include but not be limited to sharing market information, marketing sources and cross selling opportunities. Share and gather knowledge within the Beazley Group to ensure dissemination of best practice and maximise business opportunities and profitability within the Group. Production of presentations and marketing literature as required. Production of business plans/research documents for the Life Sciences account as required. It is important that within all your interactions both internally and externally you adhere Beazley's core values - Being Bold, Striving for Better, and Doing the Right Thing - as they contribute to an internal environment of teamwork and promote a positive brand image and experience to our external customers. We also expect Beazley employees to: Comply with Beazley procedures, policies and regulations including the code of conduct which incorporates the PRA and FCA Conduct. Undertake training on Beazley policies and procedures as delivered by your line manager, the Culture & People or assurance teams (compliance, risk, internal audit) either directly, via e-learning or the learning management system Display business ethics that uphold the interests of all our customers Ensure all interactions with customers are focused on delivering a fair outcome, including having the right products for their needs Comply with any specific responsibilities necessary for your role as outlined by your line manager, the Culture & People or assurance teams (compliance, risk, internal audit) and ensure you keep up to date with developments in these areas. This may include, amongst others, Beazley's underwriting control standards, Beazley's claims control standards, other Beazley standards and customer relationship management Carry out additional responsibilities as individually notified, either through your objectives or through the learning management system. These may include membership of any Beazley committees or working groups Person Specifications Skills & Abilities General commercial and financial knowledge Possess underwriting ability Accurate and numerate Computer skills - good working knowledge of MS Office, advanced Excel skills Strong analytical skills with attention to detail Able to communicate effectively with others, both verbally and in writing Ability to manage time, meet deadlines and prioritise Knowledge & Experience General commercial and financial knowledge Extensive experience in insurance industry Extensive experience of Life Sciences underwriting Thorough knowledge of underwriting policy, philosophy and practice Advanced knowledge of underwriting processes and systems Client service experience Aptitude & Disposition Results focused, self-motivated, flexible and enthusiastic Professional approach to interact successfully with managers/colleagues/external suppliers Team worker as well as able to work on own initiative Customer focused, with a strong ethic of service and fairness to the customer Competencies Achievement drive Analytical thinking Strategic thinking Service focus Team working Conceptual thinking Forward thinking