Senior Information Security Analyst

Description

Job description and person specification

Job Title:                  Senior Information Security Analyst

Division:                      CISO

Reports To:              As per Beazley’s organisation chart

Key Relationships:    Information Technology, CISO, Compliance, Data Management, Risk Management, Information Security Committee, Suppliers, C-level Executives, Regulators and Industry collaboration groups

Job Summary:            An exciting opportunity for US based candidates to join our dynamic and innovative IT team. Assist with the delivery of the global security function supporting the global CISO in line with Beazley’s global business strategy. This will involve risk assessments, security assurance activities, training and awareness, driving a holistic security. The successful candidate will also focus on developing and maintaining policies and standards and continue to embed a first-class security culture.

Key Responsibilities:

§  Work closely with colleagues across the business to promote and strong Information Security culture and ensure compliance with Information Security policies and procedures.

§  Deliver third party security assurance activities globally to ensure suppliers are operating within defined risk appetite.

§  Create and Support Information Security risk assessments across the technology stack and at physical locations.

§  Proactive identification of security concerns and address escalated or high-risk issues.

§  Provide initial point of contact and triage for Information Security requests from across the business.

§  Support the response to security incidents and vulnerabilities.

§  Support the development and maintenance of the Information Security policy framework in-line with risk appetite, legislation and industry best practices.

§  Develop and maintain cyber policies and standards aligned with ISO 27001, NIST or other agreed frameworks.

§  Provide Information Security advice and guidance.

§  Maintain an awareness of the existing and emerging threat landscape.

§  Support the response to security incidents and vulnerabilities.

§  Support the response to internal and external Information Security enquiries.

§  Deliver BAU activities as directed.

§  Ensure security policies are up to date and used appropriately and effectively across the business, creating training for business areas as required.

§  Remain up to date with the latest security information to support the understanding of Beazley’s data landscape.

§  Ensure data risks and threats facing Beazley are understood and articulated to the CISO and wider security team to ensure the timely configurating of existing technologies to get ahead of known and perceived data security.

§  Serve as an SME the user’s perspective. Help develop functional requirements, processes, and automation.

§  Support efforts increase efficiency of Information Security activities.

§  Manage relationships that contribute to expanding Information security.

§  Ensure the CISO and wider security team has deep knowledge around mitigating Information Security activities.

§  Produce concise and accurate reports and executive summaries of Information Security topics and techniques.

§  Feed threat knowledge into the security awareness, training and cultural change programme.

§  Support the development of data management and digital risk monitoring.

§  Support Information Security risk assessments across the technology stack and at physical locations.

§  Undertake continual service improvement activities.

§  Proactive identification of security concerns and address escalated or high-risk vulnerabilities.

§  Provide initial point of contact and triage for Information Security requests from across the business.

§  Work closely with colleagues across the business to promote and strong Information Security culture and ensure compliance with Information Security policies and procedures.

§  Support the development and maintenance of the Information Security policy framework in-line with risk appetite, legislation and industry best practices.

§  Support the response to internal and external Information Security enquiries.

§  Participate and contribute to the various Beazley Committees.

§  Contribute to security reports including keeping track of information security metrics.

General

§  Leverage networking opportunities within the business to develop standardised underwriting policy and best practice within Beazley.

§  Develop best practice and disseminate business and class knowledge within the Healthcare and Specialty Risks team.

§  Work with peers within Healthcare and Specialty Risks to maximise business opportunities and profitability within the department. This will include but not be limited to sharing market information, marketing sources and cross selling opportunities.

§  Share and gather knowledge within the Beazley Group to ensure dissemination of best practice and maximise business opportunities and profitability within the Group.

§  Production of presentations and marketing literature as required.

§  Production of business plans/research documents for the Life Sciences account as required.

It is important that within all your interactions both internally and externally you adhere Beazley’s core values - Being Bold, Striving for Better, and Doing the Right Thing – as they contribute to an internal environment of teamwork and promote a positive brand image and experience to our external customers. We also expect Beazley employees to: 

§  Comply with Beazley procedures, policies and regulations including the code of conduct which incorporates the PRA and FCA Conduct.

§  Undertake training on Beazley policies and procedures as delivered by your line manager, the Culture & People or assurance teams (compliance, risk, internal audit) either directly, via e-learning or the learning management system

§  Display business ethics that uphold the interests of all our customers

§  Ensure all interactions with customers are focused on delivering a fair outcome, including having the right products for their needs

§  Comply with any specific responsibilities necessary for your role as outlined by your line manager, the Culture & People or assurance teams (compliance, risk, internal audit) and ensure you keep up to date with developments in these areas.  This may include, amongst others, Beazley’s underwriting control standards, Beazley’s claims control standards, other Beazley standards and customer relationship management

§  Carry out additional responsibilities as individually notified, either through your objectives or through the learning management system.  These may include membership of any Beazley committees or working groups

Personal Specification:

Skills & Abilities

§  General commercial and financial knowledge

§  Possess underwriting ability

§  Accurate and numerate

§  Computer skills – good working knowledge of MS Office, advanced Excel skills

§  Strong analytical skills with attention to detail

§  Able to communicate effectively with others, both verbally and in writing

§  Ability to manage time, meet deadlines and prioritise

Knowledge & Experience

§  General commercial and financial knowledge

§  Extensive experience in insurance industry

§  Extensive experience of Life Sciences underwriting

§  Thorough knowledge of underwriting policy, philosophy and practice

§  Advanced knowledge of underwriting processes and systems

§  Client service experience

Aptitude & Disposition

§  Results focused, self-motivated, flexible and enthusiastic

§  Professional approach to interact successfully with managers/colleagues/external suppliers

§  Team worker as well as able to work on own initiative

§  Customer focused, with a strong ethic of service and fairness to the customer

Competencies

§  Achievement drive

§  Analytical thinking

§  Strategic thinking

§  Service focus

§  Team working

§  Conceptual thinking

§  Forward thinking

Are you a returning applicant?