Cyber Risk Analyst New Bermuda

The Risk Management function is critical to Enstar. The function is structured into various risk towers, including cyber risk. The Cyber Security Risk Analyst is responsible for undertaking and supporting processes to identify, assess, treat and monitor/report on the underlying risk profile. This will involve liaising with third parties (incident desk top and red team testing) as well as tracking any findings through to remediation. The role will also support various Management Committee activities as it pertains to Information Security, Data Protection and Artificial Intelligence.

What you will be doing:

• Conduct regular risk assessments, identifying, evaluating, and managing risks to minimize operational and compliance risks in support of the Enterprise Risk Management program.
• Maintain risk and control register and the associated maintenance of our GRC framework ensuring it remains reflective of the risks to which the Company is exposed.
• Utilizes risk profiles (risk assessments, metrics, incidents/Root cause analysis, wavers and other relevant performance data) to develop dynamic cybersecurity risk information within Enstar's ERM program providing a fully integrated, prioritized, enterprise-wide view of risks needed to drive strategic and business decisions.
• Monitor the cyber environment for new risks and reviews the effectiveness of current risk mitigation strategies, ensuring that the organization adapts to evolving threat landscapes and where it doesn’t agreeing remediating actions that are then tracked through to remediation.
• Assists with the evaluation of the effectiveness of the cyber risk program by developing, monitoring, gathering, and analyzing metrics for management.
• Maintains successful relationships with IT, Security Operations and Compliance to understand the impact of cyber risk on business processes.
• Support risk and other management forums as it pertains to agenda and materials development, including emerging risks.
• Review 3rd party security assessments from a 2nd line perspective.
• Support Cyber Incident Desk Top and Red Team testing as appropriate.

What you will bring:

• Bachelor’s degree in a security related field and minimum of 3 years of relevant experience. An equivalent combination of education and experience may be considered in lieu of a degree.
• Information Security certifications such as CISSP, CISM, CISA, or CRISC are highly preferred.
• Knowledge with common compliance frameworks like the CIS Critical Controls, NIST SP800, ISO27001.
• Detailed knowledge of cyber risk management practices from the context of ERM Frameworks and familiarity with GRC applications.
• Strong analytical and problem-solving skills.
• Good written and verbal communication skills.
• 3+ years experience within a Risk Management function or equivalent type of role.
• Experience with security tools and technologies.
• Experience of ERM Frameworks with respect to cyber risk and the identification, assessment, treatment and monitoring/reporting on the underlying risks.
• Ability to work independently and as part of a team.
• Strong commitment to task and high level of personal responsibility.

Who we are:

Enstar Group Limited (“Enstar” or “EGL”) is a leading global insurance group. Through our network of group companies, we help others – principally other insurance companies – release capital by taking over liability portfolios which no longer make strategic sense for them to hold. We create value by better managing these “run-off” insurance portfolios and strive to generate attractive risk-adjusted returns from our investment portfolio.

Equal Opportunities at Enstar: Our annual Inclusivity Index puts Enstar ahead of the industry in terms of diversity and inclusivity. At Enstar, we value all types of diversity. We’re an equal opportunity employer and believe that our diversity creates an authentic working culture.