Cyber Security Consulting Director
QBE Americas, Inc., Chicago, Illinois, United States, 60290
Join Our Team as a Cyber Security Consulting Director!
If you're an experienced Information Security Consultant looking to make a significant impact, we invite you to lead transformational change in cyber and information security risk management across our North America operations. This is your opportunity to conduct comprehensive security assessments, identify and mitigate current and emerging risks, and recommend effective security controls.
In this pivotal role, you will collaborate closely with application development, infrastructure, and internal security teams, as well as our global partners, to ensure QBE's systems and data are safeguarded against sophisticated cyber threats. We seek a candidate who brings deep technical expertise, a proactive mindset, and the ability to deliver strategic insights that address root-cause issues while contributing to meaningful business outcomes in a fast-paced, collaborative environment.
Location:
Flexible Work Arrangement:
This role can be remote or hybrid (with an expectation of office attendance 2-3 days per week). Salary Range:
$112,500 - $210,500 Your Role and Responsibilities: Lead the development and delivery of a robust cyber security framework by partnering with stakeholders to proactively identify, assess, and mitigate risks across the organization. Drive continuous improvement in cybersecurity practices through effective policies, standards, processes, and templates that enhance risk management and resilience. Align security frameworks with enterprise business and technology strategies to ensure scalable security solutions. Evaluate business strategies to determine security requirements and ensure security measures are embedded throughout the software development lifecycle. Define security requirements for software development, balancing business functionality with cybersecurity best practices. Collaborate with various teams to define security architecture components that mitigate risks in application and cloud environments. Provide security leadership across application-level and cloud infrastructure projects, ensuring alignment with enterprise security goals. Conduct system security and vulnerability assessments, risk analyses, and architectural reviews to identify integration challenges and emerging threats. Build and maintain cross-functional relationships to identify root-cause issues and offer actionable guidance to reduce threats and vulnerabilities. Represent the security function in architecture review boards and project planning forums, ensuring security is integrated from the outset. Required Experience and Qualifications: Extensive experience in information security and IT risk management, emphasizing security, performance, and reliability. Proven track record in conducting cyber risk assessments and implementing effective security solutions. Ability to collaborate with Application Development, Infrastructure, and Project teams to align on security goals and meet deadlines. Solid understanding of security protocols, cryptography, authentication, and authorization. Familiar with frameworks such as ISO 27001 and NIST Cybersecurity Framework (CSF). Adept at communicating and enforcing security measures across diverse teams and stakeholders. Broad technical knowledge encompassing security, networking, web applications, firewalls, and risk management. Self-motivated and adaptable, capable of working independently in fast-paced, evolving environments. Preferred Qualifications: 7+ years of experience in Information Security consulting roles. Hands-on experience with DevSecOps practices and tools like SAST, DAST, and SCA. Experience developing reference security architectures. Experience in a regulated financial environment, ensuring adherence to data protection and regulatory standards. Strong understanding of security controls in cloud environments, particularly Microsoft Azure. Proficient with cloud platforms including Azure, AWS, and Google Cloud. Excellent communication skills and a strong business acumen. Good working knowledge of current IT risks and mitigation strategies. Compensation Package: The salary range for this role is provided above and represents the national range. The final offer will be based on the role's complexity, its location, and the candidate's professional background, including education and experience. Beyond the base salary, employees are also eligible for QBE's annual discretionary bonus plan based on performance. QBE Benefits: Hybrid Working:
A mix of working from home and in the office. 22 weeks:
Paid leave for family growth, with 12 weeks available to all parents on a gender-equal basis. 401(k):
Competitive program with a company match up to 8%. Well-being Program:
Includes holistic coaching, gym membership, and confidential counseling. Tuition Reimbursement:
For professional certifications and continued education. Employee Network and Community:
Active support for various Employee Networks and community initiatives. Why QBE? At QBE, we're enabling a resilient future for our customers, communities, environment, and our people. Join us to work alongside passionate, talented individuals and make a real impact in the cybersecurity landscape.
Flexible Work Arrangement:
This role can be remote or hybrid (with an expectation of office attendance 2-3 days per week). Salary Range:
$112,500 - $210,500 Your Role and Responsibilities: Lead the development and delivery of a robust cyber security framework by partnering with stakeholders to proactively identify, assess, and mitigate risks across the organization. Drive continuous improvement in cybersecurity practices through effective policies, standards, processes, and templates that enhance risk management and resilience. Align security frameworks with enterprise business and technology strategies to ensure scalable security solutions. Evaluate business strategies to determine security requirements and ensure security measures are embedded throughout the software development lifecycle. Define security requirements for software development, balancing business functionality with cybersecurity best practices. Collaborate with various teams to define security architecture components that mitigate risks in application and cloud environments. Provide security leadership across application-level and cloud infrastructure projects, ensuring alignment with enterprise security goals. Conduct system security and vulnerability assessments, risk analyses, and architectural reviews to identify integration challenges and emerging threats. Build and maintain cross-functional relationships to identify root-cause issues and offer actionable guidance to reduce threats and vulnerabilities. Represent the security function in architecture review boards and project planning forums, ensuring security is integrated from the outset. Required Experience and Qualifications: Extensive experience in information security and IT risk management, emphasizing security, performance, and reliability. Proven track record in conducting cyber risk assessments and implementing effective security solutions. Ability to collaborate with Application Development, Infrastructure, and Project teams to align on security goals and meet deadlines. Solid understanding of security protocols, cryptography, authentication, and authorization. Familiar with frameworks such as ISO 27001 and NIST Cybersecurity Framework (CSF). Adept at communicating and enforcing security measures across diverse teams and stakeholders. Broad technical knowledge encompassing security, networking, web applications, firewalls, and risk management. Self-motivated and adaptable, capable of working independently in fast-paced, evolving environments. Preferred Qualifications: 7+ years of experience in Information Security consulting roles. Hands-on experience with DevSecOps practices and tools like SAST, DAST, and SCA. Experience developing reference security architectures. Experience in a regulated financial environment, ensuring adherence to data protection and regulatory standards. Strong understanding of security controls in cloud environments, particularly Microsoft Azure. Proficient with cloud platforms including Azure, AWS, and Google Cloud. Excellent communication skills and a strong business acumen. Good working knowledge of current IT risks and mitigation strategies. Compensation Package: The salary range for this role is provided above and represents the national range. The final offer will be based on the role's complexity, its location, and the candidate's professional background, including education and experience. Beyond the base salary, employees are also eligible for QBE's annual discretionary bonus plan based on performance. QBE Benefits: Hybrid Working:
A mix of working from home and in the office. 22 weeks:
Paid leave for family growth, with 12 weeks available to all parents on a gender-equal basis. 401(k):
Competitive program with a company match up to 8%. Well-being Program:
Includes holistic coaching, gym membership, and confidential counseling. Tuition Reimbursement:
For professional certifications and continued education. Employee Network and Community:
Active support for various Employee Networks and community initiatives. Why QBE? At QBE, we're enabling a resilient future for our customers, communities, environment, and our people. Join us to work alongside passionate, talented individuals and make a real impact in the cybersecurity landscape.