Job Description
Primary Details Time Type: Full time Worker Type: Employee The Opportunity: QBE is seeking an experienced Information Security Consultant to lead transformational change in cyber and information security risk management across our North America operations. In this role, you will conduct comprehensive security assessments, identify and mitigate current and emerging risks, and recommend effective short- and long-term security controls. You will collaborate closely with application development, infrastructure, and internal security teams, as well as global partners, to ensure the protection of QBE's systems and data from sophisticated cyber threats. The ideal candidate will bring deep technical expertise, a proactive and innovative mindset, and the ability to deliver strategic insights that address root-cause issues, ensure compliance, reduce risk, and drive meaningful business outcomes in a fast-paced, collaborative environment. • Location: Flexible on location • Work Arrangement: This role can be remote or hybrid(where you will be expected to be in the office 2-3 days per week.) based location of candidate. • The salary range for this role is between $112,500-$210,500. Your New Role: • Lead the development and delivery of a robust cyber and information security capability by partnering with stakeholders to proactively identify, assess, and mitigate risks across the organization. • Drive the implementation and continuous improvement of a mature cybersecurity practice through the adoption of effective policies, standards, processes, and templates that enhance risk management and organizational resilience. • Align security frameworks and standards with enterprise business and technology strategies to ensure cohesive and scalable security solutions. • Determine security requirements by evaluating business strategies and ensuring security standards are embedded throughout the software development lifecycle. • Define and maintain security requirements for software development, balancing business functionality with cybersecurity best practices. • Collaborate with Cyber Security, Architecture, and supporting teams to define security architecture components that proactively mitigate risks across both application and cloud infrastructure environments • Provide security leadership and support across both application-level and cloud infrastructure projects, ensuring alignment with enterprise security goals. • Conduct comprehensive system security and vulnerability assessments, risk analyses, and architectural reviews to identify integration challenges and emerging threats. • Build and maintain strong cross-functional relationships to identify root-cause issues, provide actionable guidance, and drive sustained reduction of threats and vulnerabilities. • Represent the security function in architecture review boards and project planning forums, ensuring security is embedded from the outset of all initiatives. Required Experience/Qualifications: • Extensive background in information security and IT risk management, with a focus on security, performance, and reliability. • Experienced in conducting cyber risk assessments and implementing effective security solutions. • Proven ability to collaborate with Application Development, Infrastructure, and Project teams to align on security goals and meet deadlines. • Solid understanding of security protocols, cryptography, authentication, and authorization. • Familiar with industry-recognized frameworks such as ISO 27001 and NIST Cybersecurity Framework (CSF). • Adept at communicating and enforcing security measures across diverse teams and stakeholders. • Broad technical knowledge across security, networking, web applications, firewalls, vulnerability management, and risk management. • Self-motivated and adaptable, with the ability to work independently in fast-paced, evolving environments. Preferred Qualifications/Experience: • Over 7 years of experience in Information Security consulting roles. • Hands-on experience with DevSecOps practices and tools such as SAST, DAST, and SCA. • Experienced in developing reference security architectures. • Experienced working in a regulated financial setting, ensuring adherence to data protection, risk management, and regulatory standards. • Strong understanding of security controls in cloud environments, particularly Microsoft Azure. • Proficient in working with major cloud platforms including Azure, AWS, and Google Cloud. • Excellent written and verbal communication skills along with business acumen and a commercial outlook. • Good working knowledge of current IT risks and mitigation strategies. Compensation Package: The salary range for this role is provided above. This is the national range for location(s) listed. The salary offer will be decided based on the role's complexity, its location, and the candidate's professional background, including their education and experience. Beyond the base salary, regular full-time and part-time employee
Apply tot his job
Apply To this Job