RGA

Senior Security Risk Management Specialist


Pay: Competitive
Location: Remote
Employment type: Other

This job is now closed

  • Job Description

      Req#: US09888

      Position Overview

      Deliver RGA’s global security risk management services. Ensure risk management service requests are processed and completed within a defined response timeframe; improve processes to meet business agility and compliance obligations. Provide security risk management guidance to assist stakeholders. Participate in the development of policies, procedures, standards and controls. Bridge collaboration with various business and technology stakeholders.



      Responsibilities

      1. Conduct comprehensive security risk assessments of enterprise systems and processes, as well as provide recommendations for risk mitigation.
      2. Review, analyze, and provide recommendations for policy, standard, and baseline configuration deviations.
      3. Work with various RGA departments to assess risks associated with compliance requirements and provide guidance and advice for stakeholders to make decisions.
      4. Perform vendor security risk assessments to include inherent & residual risk identification, analysis, and mitigation, and additionally track risk remediation to completion.
      5. Stay current on security trends, threats, and best practices to continuously improve the organization's security posture.
      6. Conduct thorough threat modeling exercises to identify potential security vulnerabilities and risks.
      7. Serve as a project security advisor including risk analysis gate checks in the secure SDLC process.
      8. Help maintain a culture of security, privacy and controls within RGA global IT.
      9. Perform other duties as assigned.
      10. Excellent analytical, problem-solving, and critical-thinking skills.


      Requirements

      EDUCATION:

      Required: Bachelor’s degree or equivalent experience

      Preferred: Master’s degree and/or LOMA certification

      EXPERIENCE:

      Required:

      • 4+ years’ experience in information systems
      • 3+ years IT security, privacy, audit, controls and regulatory compliance, or related experience
      • Experience conducting risk assessments aligned with industry standard frameworks & standards.
      • Intermediate understanding of IT domains: infrastructure, networking, storage, databases, operating systems, cloud, applications, etc.
      • Strong understanding of security technologies and domains, including: SSO, IAM, DLP, EDR, SIEM, firewalls, gateways, IDS/IPS, CASB, antivirus, SSDLC, cryptography, PKI, etc.
      • Ability to evaluate IT controls objectives and feasibility.
      • Advanced oral and written communication skills, demonstrating the ability to convey business terminology that is meaningful and well received by the customer.
      • Demonstrated knowledge of broad security and risk management related practices
      • Ability to manage multiple projects simultaneously, including the ability to delegate areas of responsibility
      • Ability to adapt to new methods, work under tight deadlines and stressful conditions
      • Ability to work well within a team.
      • Advanced ability to liaise with individuals across a wide variety of operational, functional and technical disciplines
      • Advanced ability to translate business needs and problems into viable/accepted solutions
      • Ability to resolve conflict and foster teamwork

      Preferred:

      • Insurance industry knowledge
      • Information security, compliance, risk or audit professional certifications, such as CISSP, CISA, CISM, CGEIT, CRISC, CPA, OSCP, CCSP, CCSK

      TECHNICAL REQUIREMENTS:

      Required:

      • IT Control Frameworks including NIST CSF, NIST 800-53, ISO/IEC 27001, NIST 800-30, ISO/IEC 27005
      • Knowledge of regulations including Sarbanes-Oxley, HIPAA, GLBA, GDPR
      • Cloud assessment experience (AWS, Azure, Google Cloud, etc.)

      Preferred:

      • Knowledge of compliance certifications such as SOC2, PCI, etc.
      • Cyber Risk Quantification (CRQ) experience (e.g., FAIR)


      Company Overview

      RGA:

      Discover Reinsurance - https://www.rgare.com/our-company/about-rga
      Our history, purpose, partnership, reinsurance, RGA Central (client portal), industry recognition, and risk assessment.

      Discover Your Purpose - https://www.rgare.com/careers/careers-overview
      Join a community of people driven by the same purpose: to make financial protection accessible to all. What we do, work life worldwide, culture and purpose, diversity, equity and inclusion, career development, benefits, and balance, and becoming a candidate.

      Discover RGA - https://www.rgare.com/
      Reinsurance Group of America – Making financial protection accessible to all, solutions for every situation, RGA Knowledge Center, global insight locally delivered, our responsibility at RGA, newsroom, and policy and governance.

      The general pay range for this position is $84,860 - $128,110 per year. Base pay varies depending on job-related knowledge, skills, experience, and market location. In addition, RGA provides an annual bonus plan that includes all roles, and some positions are eligible for participation in our long-term equity incentive plan. RGA maintains a full range of health, retirement, and other employee benefits.



  • About the company

      At RGA, we specialize in providing life and health-related reinsurance and financial solutions to help our clients effectively manage risk and capital.
