Zurich NA Information Security Consultant (Governance, Risk, Compliance) in Schaumburg, Illinois
Information Security Consultant (Governance, Risk, Compliance)
Zurich Services LLC (a division of Zurich North America) is currently hiring an Information Security Consultant and this person will sit in our Schaumburg, IL North America Headquarters.
Reporting to the Senior Manager of the Regulatory and Industry Compliance office, the Information Security Program Lead supports senior management with the development and improvement of regulatory compliant processes, technologies, and business models. The Information Security Program Lead employs a broad range of professional, interpersonal, and technical skills as part of the analysis, problem solving, review and evaluation of enterprise wide change strategies and issue remediation efforts.
Working collaboratively with security delivery resources, technical SMEs, and various business partners / functions to support successful delivery of the overall program
Enable the enterprise to be proactive, make risk-based security decisions, meet regulatory and contractual requirements, and industry-accepted best practices
Recommend operationally feasible and cost-effective solutions to reduce risk, as appropriate
Responsible for building effective working relationships, making sound decisions, successfully making changes, initiating action and achieving results as a trusted advisor
Diagnoses and develops security requirements to solve complex, enterprise-wide problems.
Helps to prioritize incoming initiative requests by driving strategic trade-off discussions, balancing the needs of the individual business/function, the broader enterprise /region and optimal information security solutions
Acts as a resource across many initiatives and projects to provide the security governance framework and leverage across those projects achieving greater benefits.
Helps identify security services improvement opportunities that can be aligned with existing and/or planned enterprise-wide solutions.
Leverages enterprise-wide processes and solution architecture into business unit and strategic support unit specific solutions.
Acts in a facilitation, mentoring and quality review capacity on some enterprise-wide initiatives and projects, leading to measurable benefits and results.
Identifies specific metrics and measures that can be incorporated into solutions, enabling continuous improvement.
Works effectively at all levels of the organization, with the ability to influence others to move toward consensus.
Engages with strategy leaders to stay abreast of Zurich strategy, both business and Information Security.
Partners with enterprise and security architecture team in developing security governance framework that aligns with the information security strategy.
Bachelor’s Degree and 5 or more years of experience in the Data Security area OR
High School Diploma or Equivalent and 7 or more years of experience in the Data Security area AND
Experience working across business units and/or geographic boundaries
Prior experience with oversight and coordination of information security governance, risk, and compliance programs.
Industry experiences in large financial services, high-tech, and /or healthcare on internal audit, regulatory or contractual information security compliance projects.
CISSP, CRISC, CEH, CISM or other relevant security certifications and knowledge of ISO and NIST security standards
Industry experiences with information security requirements/programs such as PCI DSS, HIPAA applicable security / privacy controls, NIST cybersecurity framework, NIST privacy engineering program (PEP), or COBIT
Industry experience with common application security architecture and vulnerabilities (e.g. OWASP Top 10, CWE/SANS Top 25), attack techniques and remediation tactics/strategies.
Familiarity with technologies such as intrusion Prevention Systems (IPS), firewalls, endpoint protection, web/email filtering, Data Loss Prevention (DLP), digital rights management, encryption, Security Incident and Event Management (SIEM), and virtualization platforms
Exposure to Agile delivery methodologies.
Imagine working for a company that truly cares about their employees, customers, stakeholders, and communities they serve.
Imagine working for a values-driven organization that has the ambition and desire to be the best global insurance provider in the world.
Zurich is that place where 55,000 employees across approximately 200 countries and territories are all focused on helping people and helping companies protect what is truly most important to them. We are a values-driven organization that takes pride in the work that we do every day and we have the ambition to be the best global insurer in the world.
Zurich does not accept unsolicited resumes from search firms or employment agencies. Any unsolicited resume will become the property of Zurich American Insurance. If you are a preferred vendor, please use our Recruiting Agency Portal for resume submission.
Primary Location: United States-Illinois-Schaumburg
Relocation Available No
Job Posting 02/12/20
Unposting Date Ongoing
Req ID: 190007AV
It is the Policy of Zurich in North America, as an equal opportunity employer, to attract and retain the best-qualified individuals available, without regard to race/ethnicity, color, religion, gender expression, genetic information, national origin, sex, gender identity, sexual orientation, marital status, age, disability or protected veteran status.