Position Overview:
RenaissanceRe is looking to add an AVP Security GRC Specialist to their Security team who will take ownership of the third-party vendor assessment process. In addition, the Specialist will assist with various cyber GRC areas, including client due diligence, security awareness, regulatory response, audit remediations, security controls strategy, and other ad-hoc projects.
Essential Functions of the Position
Manage the third-party vendor assessment process by reviewing vendor assessment questionnaires, including SOC 2 reports and ISO 27001 certifications. Validate the existence of the vendor's controls by reviewing evidence and leading any possible remediation efforts where a vendor's controls are deficient. Ensure that internal business partners are aware of any risks, and work with Legal when certain control requirements need to be included in contracts. Prioritize, track, and report on progress, status, issues, and challenges on a regular basis for executive reporting.
Collaborate with the Security GRC Manager to respond to various IT audits from regulatory bodies (e.g. NYSDFS, MAS, APRA, Lloyd's, etc.), Internal Audit, and client due diligence. This is to ensure the organization meets its legal requirements, stated policies, and contractual obligations.
Be actively engaged in other GRC activities, including security awareness (creation of the custom training and phishing campaigns) and GRC platform management (controls catalogue, continuous monitoring, issue management, policy management, etc.).
Research security controls and be able to translate the technical and non-technical aspects to key stakeholders for various IT platforms and solutions. Ensure that the security controls are deployed in alignment with the Security Team's goals by partnering with Infrastructure, Engineering, and the business.
Requirements
Bachelor's degree in Cyber Security, Information Technology, or a related field.
6 years of experience in Governance, Risk & Compliance within Information Security.
Experience working in a large global organization across functions.
A solid understanding of the interplay between Information Security, Infrastructure, and Engineering.
Audit-like mindset to uncover control gaps and areas for improvement, with excellent communication skills with internal and external parties.
Ability to keep meticulous records of activities performed.
Highly sought: Experience with vendor management tools (e.g. SecurityScorecard, BitSight, RiskRecon), GRC platforms (e.g. Drata, Vanta, OneTrust), and regulatory audits (e.g. NYSDFS, MAS, APRA, Lloyd's, etc.).
Certifications/Licensure Requirements
CISSP or similar certification (e.g. CISA, CISM) preferred.
Required Experience:
IC
Full-Time