Director of Cyber Security Consulting
QBE Americas, Inc., Atlanta, Georgia, United States, 30383
Join Our Team as a Director of Cyber Security Consulting!
If you're a seasoned Information Security Consultant eager to make a significant impact, seize this chance to lead transformational change in cyber and information security risk management across our North America operations. This is your opportunity to conduct thorough security assessments, identify and mitigate risks, and recommend effective security controls.
In this crucial role, you will work closely with application development, infrastructure, and internal security teams, as well as our global partners, to ensure our systems and data are protected against sophisticated cyber threats. We seek a candidate with deep technical expertise, a proactive mindset, and the ability to deliver strategic insights that address root-cause issues while contributing to meaningful business outcomes in a dynamic, collaborative environment.
Location:
Flexible Work Arrangement:
This role can be remote or hybrid (with an expectation of office attendance 2-3 days per week). Salary Range:
$112,500 - $210,500 Your Role and Responsibilities: Lead the development and delivery of a robust cyber security framework by collaborating with stakeholders to proactively identify, assess, and mitigate risks. Drive continuous improvement in cybersecurity practices through effective policies, standards, processes, and templates that enhance risk management and resilience. Align security frameworks with enterprise business and technology strategies to ensure scalable security solutions. Evaluate business strategies to determine security requirements, ensuring security measures are embedded throughout the software development lifecycle. Define security requirements for software development, balancing business functionality with cybersecurity best practices. Work with various teams to establish security architecture components that mitigate risks in application and cloud environments. Provide security leadership across application-level and cloud infrastructure projects, ensuring alignment with enterprise security goals. Conduct system security and vulnerability assessments, risk analyses, and architectural reviews to identify integration challenges and emerging threats. Build and maintain cross-functional relationships to uncover root-cause issues and offer actionable guidance for reducing threats and vulnerabilities. Represent the security function in architecture review boards and project planning forums, ensuring security is integrated from the outset. Required Experience and Qualifications: Extensive experience in information security and IT risk management, focusing on security, performance, and reliability. Proven track record in conducting cyber risk assessments and implementing effective security solutions. Ability to collaborate effectively with Application Development, Infrastructure, and Project teams to align on security goals and meet deadlines. Solid understanding of security protocols, cryptography, authentication, and authorization. Familiarity with frameworks such as ISO 27001 and NIST Cybersecurity Framework (CSF). Adept at communicating and enforcing security measures across diverse teams and stakeholders. Broad technical knowledge encompassing security, networking, web applications, firewalls, and risk management. Self-motivated and adaptable, capable of working independently in fast-paced, evolving environments. Preferred Qualifications: 7+ years of experience in Information Security consulting roles. Hands-on experience with DevSecOps practices and tools like SAST, DAST, and SCA. Experience developing reference security architectures. Experience in a regulated financial environment, ensuring adherence to data protection and regulatory standards. Strong understanding of security controls in cloud environments, particularly Microsoft Azure. Proficient with cloud platforms including Azure, AWS, and Google Cloud. Excellent communication skills and a strong business acumen. Good working knowledge of current IT risks and mitigation strategies. Compensation Package: The salary range for this role is provided above and reflects the national range. The final offer will be based on the complexity of the role, its location, and the candidate's professional background, including education and experience. Beyond the base salary, employees are also eligible for our annual discretionary bonus plan based on performance. Our Benefits: Hybrid Working:
A mix of working from home and in the office. 22 weeks:
Paid leave for family growth, with 12 weeks available to all parents on a gender-equal basis. 401(k):
Competitive program with a company match up to 8%. Well-being Program:
Includes holistic coaching, gym membership, and confidential counseling. Tuition Reimbursement:
For professional certifications and continued education. Employee Network and Community:
Active support for various Employee Networks and community initiatives. Why Join Us? At our company, we are enabling a resilient future for our customers, communities, environment, and our people. Join us to collaborate with passionate, talented individuals and make a real impact in the cybersecurity landscape.
Flexible Work Arrangement:
This role can be remote or hybrid (with an expectation of office attendance 2-3 days per week). Salary Range:
$112,500 - $210,500 Your Role and Responsibilities: Lead the development and delivery of a robust cyber security framework by collaborating with stakeholders to proactively identify, assess, and mitigate risks. Drive continuous improvement in cybersecurity practices through effective policies, standards, processes, and templates that enhance risk management and resilience. Align security frameworks with enterprise business and technology strategies to ensure scalable security solutions. Evaluate business strategies to determine security requirements, ensuring security measures are embedded throughout the software development lifecycle. Define security requirements for software development, balancing business functionality with cybersecurity best practices. Work with various teams to establish security architecture components that mitigate risks in application and cloud environments. Provide security leadership across application-level and cloud infrastructure projects, ensuring alignment with enterprise security goals. Conduct system security and vulnerability assessments, risk analyses, and architectural reviews to identify integration challenges and emerging threats. Build and maintain cross-functional relationships to uncover root-cause issues and offer actionable guidance for reducing threats and vulnerabilities. Represent the security function in architecture review boards and project planning forums, ensuring security is integrated from the outset. Required Experience and Qualifications: Extensive experience in information security and IT risk management, focusing on security, performance, and reliability. Proven track record in conducting cyber risk assessments and implementing effective security solutions. Ability to collaborate effectively with Application Development, Infrastructure, and Project teams to align on security goals and meet deadlines. Solid understanding of security protocols, cryptography, authentication, and authorization. Familiarity with frameworks such as ISO 27001 and NIST Cybersecurity Framework (CSF). Adept at communicating and enforcing security measures across diverse teams and stakeholders. Broad technical knowledge encompassing security, networking, web applications, firewalls, and risk management. Self-motivated and adaptable, capable of working independently in fast-paced, evolving environments. Preferred Qualifications: 7+ years of experience in Information Security consulting roles. Hands-on experience with DevSecOps practices and tools like SAST, DAST, and SCA. Experience developing reference security architectures. Experience in a regulated financial environment, ensuring adherence to data protection and regulatory standards. Strong understanding of security controls in cloud environments, particularly Microsoft Azure. Proficient with cloud platforms including Azure, AWS, and Google Cloud. Excellent communication skills and a strong business acumen. Good working knowledge of current IT risks and mitigation strategies. Compensation Package: The salary range for this role is provided above and reflects the national range. The final offer will be based on the complexity of the role, its location, and the candidate's professional background, including education and experience. Beyond the base salary, employees are also eligible for our annual discretionary bonus plan based on performance. Our Benefits: Hybrid Working:
A mix of working from home and in the office. 22 weeks:
Paid leave for family growth, with 12 weeks available to all parents on a gender-equal basis. 401(k):
Competitive program with a company match up to 8%. Well-being Program:
Includes holistic coaching, gym membership, and confidential counseling. Tuition Reimbursement:
For professional certifications and continued education. Employee Network and Community:
Active support for various Employee Networks and community initiatives. Why Join Us? At our company, we are enabling a resilient future for our customers, communities, environment, and our people. Join us to collaborate with passionate, talented individuals and make a real impact in the cybersecurity landscape.