Director, Cybersecurity Due Diligence & Assessments

About The Position

Requirements

• Bachelor’s Degree in Arts/Sciences (BA/BS) or equivalent experience - Required.
• 5+ Years progressive professional experience evaluating, delivering, and/or managing in a complex IT environment(s) - Required.
• 7+ Years professional experience including 7 years working in a complex, global corporation - Required.
• Identifies and resolves technical, operational and organizational problems.
• Advanced understanding of IT domains: infrastructure, networking, storage, databases, operating systems, cloud, applications, etc. - Required.
• Advanced understanding of security technologies and domains, including: SSO, IAM, DLP, EDR, SIEM, firewalls, gateways, IDS/IPS, CASB, SSDLC, cryptography, PKI, etc. - Required.
• Advanced understanding of security technologies, frameworks/standards (e.g., NIST CSF, NIST 800-53, ISO/IEC 27001, NIST 800-30, ISO/IEC 27005, etc.), and risk management methodologies. - Required.
• Strong ability to make timely and effective decisions and produce results through strategic planning and the implementation and evaluation of programs and policies. - Required.
• Strong project management skills. Demonstrates ability to evaluate project objectives and scope feasibility, gain understanding, schedule resources, and manage budget to plan. - Required.
• Strong analytical, critical thinking and decision-making skills and excellent written and verbal communication skills. Manages a generally homogeneous team; adapts plans and priorities to meet service and/or operational changes. - Required.
• Ability to quickly learn and understand the business of RGA.
• Previous experience as a Security Risk Analyst, Systems Administrator, IT Auditor, Developer, Security Engineer, Penetration Tester, Cloud Engineer. - Required.

Nice To Haves

• Post-graduate or professional qualification in related field - Preferred.

Responsibilities

• Manages a team to ensure timely and effective risk management reporting, maintain the security risk register, and escalate newly identified risks in alignment with established risk thresholds, appetite, and rating methodologies.
• Oversee process to evaluate the security risks associated with vendors and suppliers.
• Facilitates cross-functional review of findings and determine a proper risk-based outcome and resource availability for management response of remediation activities and timelines.
• Adhere to risk management framework and adoption of improvements supporting continuous program maturity.
• Oversees technical security assessments and other control validation activities, ensuring results are accurately interpreted, risk-rated, and integrated into the security risk management process.
• Manages, mentors, and directs activities of associates within the department and performs supervisory duties including but not limited to, hiring, training, evaluating, and coaching of direct reports.
• Leads the development and implementation of cyber security risk management initiatives and maintain technical security expertise to properly evaluate risks.
• Participate in GSO's governance processes and process improvement workshops.

Benefits

• Gain valuable knowledge from and experience with diverse, caring colleagues around the world.
• Enjoy a respectful, welcoming environment that fosters individuality and encourages pioneering thought.
• Join the bright and creative minds of RGA, and experience vast, endless career potential.