Zurich, Zurich, CH
About Swiss Re
Swiss Re is one of the world’s leading providers of reinsurance, insurance and other forms of insurance-based risk transfer, working to make the world more resilient. We anticipate and manage a wide variety of risks, from natural catastrophes and climate change to cybercrime.
At Swiss Re we combine experience with creative thinking and cutting-edge expertise to create new opportunities and solutions for our clients. This is possible thanks to the collaboration of more than 13,000 employees across the world.
We offer a flexible working environment where curious and adaptable people thrive. Are you interested in joining us?
About the Role
The Chief Security Officer (CSO) function is the focal point for security activities across Swiss Re. We have the role to coordinate security governance, risk and compliance, define and advance the company's cyber security strategy and architecture as well as supporting the implementation of vital security capabilities.
Do you want to contribute directly to successful business outcomes by driving digitalization forward in a secure way? Are you motivated to guide our IT colleagues in securely designing applications, platforms and infrastructure? Does the maintenance and development of a Cloud Security Framework resonate with you, and are you willing to communicate and report along risk frameworks to a broader audience?
This is what your role as a Cloud Risk Manager in the Governance, Risk, and Compliance (GRC) Center of Expertise is all about.
Activities you´ll perform:
• Maintain and further develop the Swiss Re Cloud Security Framework which is mainly based on CSA/CCM.
• Guiding IT system owners to secure applications and solutions in our public cloud environment.
• Collaborate with Cloud architects in developing secure enterprise solutions on public cloud platforms; mainly in MS Azure and in China's based Ali Cloud.
• Discussing with governance representatives and internal auditors the safeguards and controls of the Cloud Security Framework.
• Create and communicate risk- and compliance reports along different dimensions like applications, business units, or industry standards.
About You
Do you have some experience with governance and risk management topics? Are you comfortable to deal with industry-based security- and risk frameworks and willing to translate them into a specific context?
Are you familiar or interested in how safeguards are implemented in MS Azure or in China's based Ali Cloud? Can you manage and communicate risk and compliance reports?
Your skills comprise:
• Basic knowledge of cybersecurity concepts, technologies, and standard methods, and willingness to dive into new areas.
• Some experience in IT risk management and governance topics
• CISSP, CISA, CISM, SANS GIAC or similar qualifications are a plus.
• Some familiarity with ISO 27'00x / NIST SP 800-53 standards and reports.
• Ability to describe IT related risks and controls, bring them into the business context and communicate assessment results effectively at different levels of the organisation.
• Familiarity in the implementation of security standards in regulated environments.
• Strong analytical and communication skills.
• Feeling comfortable with leading through sophisticated conversations across multiple partners in a consulting and mediating way.
• Ability to communicate in a clear, empathetic and solution-focused manner.
• Excellent written and verbal communication skills in English; German is a plus.
We are an equal opportunity employer, and we value diversity at our company. Our aim is to live visible and invisible diversity – diversity of age, race, ethnicity, nationality, gender, gender identity, sexual orientation, religious beliefs, physical abilities, personalities and experiences – at all levels and in all functions and regions. We also collaborate in a flexible working environment, providing you with a compelling degree of autonomy to decide how, when and where to carry out your tasks.
We provide feedback to all candidates via email. If you have not heard back from us, please check your spam folder.
Keywords:
Reference Code: 102013
Job Segment: Risk Management, Manager, Finance, Management