The Risk Management function is critical to Enstar. The function is structured into various risk towers, including cyber risk. The Cyber Security Risk Analyst is responsible for undertaking and supporting processes to identify, assess, treat and monitor/report on the underlying risk profile. This will involve liaising with third parties (incident desk top and red team testing) as well as tracking any findings through to remediation. The role will also support various Management Committee activities as it pertains to Information Security, Data Protection and Artificial Intelligence.
What you will be doing:
Key Accountabilities:
- Conduct regular risk assessments, identifying, evaluating, and managing risks to minimize operational and compliance risks in support of the Enterprise Risk Management program.
- Maintain risk and control register and the associated maintenance of our GRC framework ensuring it remains reflective of the risks to which the Company is exposed.
- Utilizes risk profiles (risk assessments, metrics, incidents/Root cause analysis, wavers and other relevant performance data) to develop dynamic cybersecurity risk information within Enstars ERM program providing a fully integrated, prioritized, enterprise-wide view of risks needed to drive strategic and business decisions.
- Monitor the cyber environment for new risks and reviews the effectiveness of current risk mitigation strategies, ensuring that the organization adapts to evolving threat landscapes and where it doesn't agreeing remediating actions that are then tracked through to remediation.
- Assists with the evaluation of the effectiveness of the cyber risk program by developing, monitoring, gathering, and analyzing metrics for management.
- Maintains successful relationships with IT, Security Operations and Compliance to understand the impact of cyber risk on business processes.
- Support risk and other management forums as it pertains to agenda and materials development, including emerging risks.
- Review 3rd party security assessments from a 2nd line perspective.
- Support Cyber Incident Desk Top and Red Team testing as appropriate.
What you will bring:
- Bachelor's degree in a security related field and minimum of 3 years of relevant experience. An equivalent combination of education and experience may be considered in lieu of a degree.
- Information Security certifications such as CISSP, CISM, CISA, or CRISC are highly preferred.
- Knowledge with common compliance frameworks like the CIS Critical Controls, NIST SP800, ISO27001
- Detailed knowledge of cyber risk management practices from the context of ERM Frameworks and familiarity with GRC applications.
- Strong analytical and problem-solving skills.
- Good written and verbal communication skills.
- 3+ years experience within a Risk Management function or equivalent type of role.
- Experience with security tools and technologies.
- Experience of ERM Frameworks with respect to cyber risk and the identification, assessment, treatment and monitoring/reporting on the underlying risks.
- Ability to work independently and as part of a team.
- Strong commitment to task and high level of personal responsibility.
Who we are:
Enstar Group Limited ("Enstar" or "EGL") is a leading global insurance group. Through our network of group companies, we help others - principally other insurance companies - release capital by taking over liability portfolios which no longer make strategic sense for them to hold. We create value by better managing these "run-off" insurance portfolios and strive to generate attractive risk-adjusted returns from our investment portfolio.
At year-end 2023 we had completed 117 transactions since the 2000. Today, Enstar is the industry's largest standalone run-off consolidator. With around 800 global employees, our network of group companies has a significant physical presence in Bermuda, where our headquarters are located, the United States, the United Kingdom, continental Europe, and Australia.
Enstar maintains a strong balance sheet. We hold long-term issuer ratings of BBB+ with stable outlook by S&P and Fitch. Enstar's capital base continues to grow, reaching $7.4 billion at the end of 2023, including $5.6 billion of shareholders' equity and total debt of $1.8 billion. A market leader in the run-off space, Enstar leverages its expertise in claims management, risk analysis, and investments to generate value. These services make Enstar different, something unique.
A characteristic that is core to our culture: we encourage an entrepreneurial spirit, our colleagues have autonomy to shape strategy, innovate new revenue streams and we reward those who are commercially focused.
NIMBLE
We are quick to respond to change. We embrace new technology and new lines of business according to market demands. We grasp new concepts quickly, are able to deliver in a timely manner and can improvise when needed.
SOLUTIONS FOCUSED
We are resilient, successful, have a winning mentality, possess a strong work ethic. We believe in getting it done.
TEAMWORK
Our strength is working together as a Group, across regions, companies and disciplines. We firmly believe the sum of our collective effort, knowledge and ambition will always outweigh our individual contributions. We work as a trusted partner to our clients.
AWARE
We use our knowledge and experience to stay aware of market trends, acquisition opportunities and other influencers that could impact us and our competitors. Our constant awareness means that we are vigilant, innovative and responsive.
RELEVANT
At all times we strive to undertake actions that are relevant to help us achieve our vision, and to ensure we remain a provider of relevant insurance solutions to the market. We have shown a capacity to evolve and will continue to do so in order to ensure our ongoing relevance to the market.
Equal Opportunities at Enstar:
Our annual Inclusivity Index puts Enstar ahead of the industry in terms of diversity and inclusivity. At Enstar, we value all types of diversity. We're an equal opportunity employer and believe that our diversity creates an authentic working culture.