Descrizione del lavoro:
LOCATION: London UK, Poland, Stamford USA
(COMPANY NAME) XL has an exciting opportunity for a Principal Technical Security Expert, who will be responsible for embedding security (people, processes, and technology) within (COMPANY NAME) XL's cloud and identity platforms. You will be required to work with projects and operational teams to develop an appropriate security strategy, architecture and practices that will be embedded into our cloud and identity solutions, securing appropriately our IT platforms and solutions.
DISCOVER your opportunity
The successful candidate will have a track record associated with technical security consulting / security architecture with knowledge of security architectures, technologies, standards, and industry guidelines, especially those applicable to Cloud (SaaS, PaaS, IaaS), Microsoft 365 and Identity:
* Provide thought leadership across Group Technology regarding the design and implementation of cloud security and identity solutions and artefacts
* Manage and influence key stakeholders (capability owners) to provide input and support initiatives related to cloud security and identity improvements and enhancements
* Take input from key stakeholders to develop and maintain the cloud and identity security roadmaps
* Drive the development and enhancement of the cloud security and identity control environment across the (COMPANY NAME) XL IT estate
* Be the global technical expert / owner, for large-scale complex projects (>1m USD, involving numerous technical teams) that are related to the deployment of cloud security and identity
* Own, drive the creation of domain artefacts, managing the input from multiple architectures, engineers, and operations personnel to create cloud security and identity domain artefacts
* Drive the development of the security control environment for the (COMPANY NAME) XL cloud and identity solutions across utilized by (COMPANY NAME) XL
* Represent (COMPANY NAME) XL to other (COMPANY NAME) Group and other entities in the field of Cloud and Identity security
* Be able to demonstrate how proposed designs comply to (COMPANY NAME) XL security policies and (COMPANY NAME) Group Security standards
* Responsible for taking security architecture designs through (COMPANY NAME) XL's governance processes
* Development and continuous evolution of our security target architecture and roadmaps based on sound enterprise architecture practices
* Working with Global Technology, Information Security, Data Protection Office and IRM teams to align the cloud and identity security control environment
* Work with Project Managers and other stake holders to produce agreed sets of deliverables, work to project plans and report progress. Provide input to planning, forecasting process and RAID logs where required.
* Review security technologies, tools, and services, and make recommendations to the broader security and development teams for their use, based on security, financial, and operational metrics
You will report within the (COMPANY NAME) XL Cyber Defense Team, that is part of the (COMPANY NAME) XL IT team.
SHARE your talent
We're looking for someone who has these abilities and skills:
* Working knowledge of cloud (Microsoft Azure or AWS) or identity services (Activity Directory, Azure, Auth0, CyberArk, etc.), and other supporting technologies
* Understand the transformation of traditional data center security measures into hybrid and Cloud deployment (predominately Azure & AWS)
* Knowledge of industry standards such as ISO xxxx1, HIPAA, FedRAMP, Cloud Security Alliance, NIST frameworks and risk methodologies
* Experience with Security Architecture (e.g., SABSA, CISSP«, etc.) and/or credentials
* Understanding of threat landscapes and threat modeling, security threat and vulnerability management, and security monitoring
* Awareness of tools and techniques used by attackers to gain entry into corporate networks, including common IT system flaws and vulnerabilities
* Experience working in a consulting (internal or external) type of role
* Core Technologies including security networking, DNS, Firewalls, Wintel and virtualization.
* Broad technical experience in several security disciplines including endpoint and platform (Unix/Linux/Windows, virtualization, mobile) controls, encryption/tokenization, identity and access management, PKI, data protection, and security tooling integration in complex environments
* Working knowledge of design principles relating to DLP, IDS/ IPS, Firewalls, Proxies, Identity Access Management, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management.
* Experience in working with the Solutions and Technical Architects to ensure solutions designs include the appropriate security guardrails to reduce risk and protect sensitive internal and external client information.
* Understanding of the Secure SDLC process and follows the process to effectively develop and design solutions
* Demonstrated experience in communicating complex security concepts, both verbally and in writing, to a variety of audiences
* Must take ownership of tasks and demonstrate high degree of automony to ensure completion
* Must be personable and foster good stakeholder and peer group working relationships
* Supporting RFP/RFIs & SOWs where appropriate
* Experience with cloud compliance and or common industry security standards.
* Recognised Cyber Security certifications, such as CISSP, CIISEC (member of fellow), CISM, SANS, SABSA, OSCP are advantageous
* Desired Azure Security Engineer (AZ-500) accreditation or similar
FIND your future
(COMPANY NAME) XL, the P&C and specialty risk division of (COMPANY NAME), is known for solving complex risks. For mid-sized companies, multinationals and even some inspirational individuals we don't just provide re/insurance, we reinvent it.
How? By combining a strong and efficient capital platform, data-driven insights, leading technology, and the best talent in an agile and inclusive workspace, empowered to deliver top client service across all our lines of business − property, casualty, professional, financial lines and specialty.
With an innovative and flexible approach to risk solutions, we partner with those who move the world forward.
At (COMPANY NAME) XL we are happy to talk flexible working. We are committed to building a diverse and inclusive workforce and consider flexible ways of working for every role. Talk to us about how we can make flexibility work for you.
Learn more at axxxx.xxm.
At (COMPANY NAME) XL our approach to corporate responsibility (CR) is the same as our approach to business; constantly seeking to provide innovative solutions to the world's most complex problems. From offering our expertise, products and services to help build more resilient communities, to advancing understanding and response to climate change, our strategy - Our Impact. Our Future. - aligns key issues that are pertinent to our business - climate, water and financial resilience - and contributes to (COMPANY NAME) Group's purpose to "Act for human progress by protecting what matters.".
* Climate: We're reducing our carbon footprint, protecting ecosystems and exploring how our business can help build a better world.
* Water: We're developing water resilience where it is - and will be - needed most.
* Financial resilience: We're helping create opportunities for the unemployed and underemployed, so they can be better prepared for unexpected changes.
* Hearts in Action: We have established volunteering and charitable giving programs to help colleagues support causes that matter most to them, known as our "Hearts in Action" programs.
For more information please see the Corporate Responsibility section on our website.
Diversity & Inclusion
At (COMPANY NAME) XL, we know that an inclusive culture and a diverse workforce enable business growth and are critical to our success. That's why we have made a strategic commitment to attract, develop, advance and retain the most diverse workforce possible, while creating an inclusive culture where everyone can bring their full selves to work and can reach their highest potential. It's about helping one another - and our business - to move forward and succeed.
* Five Business Resource Groups focused on gender, LGBTQ+, race/ethnicity, disability and inclusion with 20 Chapters around the globe
* Robust support for Flexible Working Arrangements
* Enhanced family friendly leave benefits
* Named to the Diversity Best Practices Index
* Signatory to the UK Women in Finance Charter
Learn more at axxxx.xxx/xxxxx-xx/xxxxxxxxx-xxx-xxxxxxxxx. (COMPANY NAME) XL is an Equal Opportunity Employer
|Pubblicato il:||03 Dic 2022|