Cyber Risk Consultant – Part-Time, Job-Share or Full-Time

Full-time Part-Time Zurich in Technology Email Job
  • Share:

Job Description

Cyber Risk Consultant – Part-Time, Job-Share or Full-Time


Cyber Risk Consultant – Part-Time, Job-Share or Full-Time


Location: UK, Home-Based


The opportunity:

With the nature of cyber security evolving so rapidly, Zurich Insurance is searching for an experienced cyber risk specialist to further strengthen Zurich’s capability with regards to Cyber insurance and risk advisory for businesses. This is an exciting and unique opportunity to work within our Zurich Resilience Solutions team as a Cyber Risk Consultant. You will enjoy a great deal of autonomy and a varied, challenging and rewarding diet of work using your expertise to help customers, brokers and underwriters understand and manage exposures in this dynamic risk environment. As well as a technical expert you will be a creative, original thinker who can generate innovative solutions and shape the development of our cyber risk proposition leading Zurich and our customer on this exciting journey.


This role is available part-time, job-share or full time. This is because we want the best people for our roles, and we recognise that sometimes those people aren’t available full-time.


Key Responsibilities:


  • Work closely with our Cyber Underwriters to carry our cyber risk assessments of the client’s environment to better understand the cyber exposures, cyber risk and loss potential in order to support risk transfer.
  • Provide technical advice to our Cyber Underwriters and other stakeholders inside and outside the business as a subject matter expert on cyber risk management.
  • Provide guidance and support to customers to carry out cyber risk management as well as advising them on risk mitigation and cyber strategy development.
  • Providing specialist cyber risk management consultancy for clients across multiple industries while working with both senior management and technical teams within a client business environment.
  • Carrying out pre-engagement requirements (goals, budgeting, timing, etc.) and assisting with the scoping of work.
  • Research current security and threat related topics as foundation for knowledge sharing with customers, industry groups and other Zurich business units.
  • Develop the cyber risk proposition for Zurich Resilience Solutions including identification and delivery oversight of third-party solutions.
  • To liaise with our Global Cyber Risk Practice Leader to develop and embed best practice across the global network


Your skills and experience:


  • Strong demonstrable knowledge of cyber risk management and experience in the definition of standards, processes, and procedures in the area of cyber risk management.
  • Experience in conducting cyber security assessments and gap analysis against various cyber security frameworks.
  • Demonstrable knowledge and understanding of security principles and good practice including frameworks, standards, and regulatory requirements such as NIST, COBiT, NCSC CAF, Cyber Essentials, PCI DSS, HIPAA, GDPR, ISO27001:2013, ISO27005:2018.
  • Knowledge, insight and understanding of cyber security concepts, tools, and processes needed for making sound business decisions.
  • Ability to articulate security advice directly to customers at operational and strategic levels including up to Director and Board levels.
  • Direct or “specialist” experience in one or more of the following subject areas:
    • Vulnerability and Patch Management
    • Supply Chain Cyber Risk Management
    • Identity and Access Management
    • Cyber Awareness and Training
    • Security Monitoring
    • Incident Response Planning and Testing
    • Post Major Incident Review
    •  Disaster Recovery
  • Experience with Digital Forensic and/or Operation Technology Cyber Security would be desirable
  • Relevant experience of collaborating with a range of stakeholders at senior organisational levels and actively engaging with remote business units and brokers.
  • Excellent presentation skills and the ability to speak with confidence to non-technical audiences on cyber security trends, developments and assessment techniques.
  • A team player with good interpersonal and influencing skills and experience of working with a high degree of autonomy, managing and prioritising your own workload and delivering to tight timescales.
  • Familiarity with vendors of major security products and services.
  • Understanding cyber insurance would be helpful.
  • Information Security Certification, such as CISSP, CISM, CISA, ISO27001:2013 Lead Implementor/Auditor is preferred but not mandatory.


The Reward:


In return we are offering a competitive salary, based on experience, a fully maintained company car and an excellent lifestyle benefits package which includes:


  • 12% pension contribution
  • 25 days holiday, plus an additional 3 volunteering days
  • Company annual bonus scheme
  • Home worker allowances
  • Private Healthcare
  • 16 weeks’ paid maternity/paternity leave
  • Plus other flexible benefits to suit your lifestyle


We are committed to continuous improvement and we offer access to a comprehensive range of training and development opportunities.


At Zurich we will consider requests for flexible working on hiring.  Many of our employees work flexibly in many different ways, including part-time, flexible hours, job share, an element of working from home or compressed hours.  Please talk to us at interview about the flexibility you may need.