Back to all jobs

Cyber Risk Specialist, ADS (Canada Remote)

Guidewire

Dec 03

Guidewire-Cyence Risk Analytics brings together data science and engineering, cyber insurance, cybersecurity, and economics to build a unique analytics platform that quantifies the financial impact of cyber risk and qualifies cyber risk management. Cyence is engaged by leading firms in the financial services industry to prospect and select risks, assess and price risks, manage risk portfolios and accumulations, and bring new cyber-insurance products to market.
 
This position will report to the head of a new client-facing cyber solutions unit which is focused on bridging the gap between the current core product and forward-looking innovation solutions. This Cyber Risk Specialist will be primarily focused on enhancing knowledge and capabilities for a major financial services client, and will likely engage on other client-facing projects within the cyber solutions unit. We’re looking for someone who values integrity, team chemistry, open-mindedness, growth, and making a difference.

Responsibilities

    • Work cross-functionally with colleagues in client-facing roles, data engineering, DevOps, data science/modeling, and product in a growing environment to assess, research, and analyze cyber security risks (vulnerabilities, threats, and attacks on enterprise products and environments) and controls.
    • Research, evaluate, and understand security controls as they relate to risk management including, but not limited to Anti-Malware, IDS, Content Filter, DNS Security, Vulnerability Management, Endpoint Detection & Response, Mobile Device Management, SIEM and Cloud Security and technology. 
    • Develop hypotheses about cyber risk measurement techniques, and conduct EDA on new data sources, develop metrics and documentation, and make recommendations based on documented assessment of cyber risk implications
    • Maintain up-to-date understanding of security threats, countermeasures, security tools expanding our capabilities in managing and integrating new and existing data sources including assisting with expanding, optimizing, and troubleshooting our data pipelines which receive, ingest, process and extract data that serve innovation solutions; and support our operational and business objectives, working with data analysts on existing and new data initiatives.
    • Directly support and debrief managing leadership in preparation for higher level cyber risk discussions with corporate leadership and other clients
    • Provide guidance and training to clients on basic cyber security controls and best practices, and risk management awareness
    • Instruct and provide guidance to relevant co-workers on security measurement tool use, deployment, maintenance, as necessary
    • Execute projects and process improvements to identify potential opportunities, resolve constraints, and support business activities that constantly improve the team’s overall cybersecurity posture.
    • Identify, design, implement, and own internal process improvements; automate manual processes; optimize data delivery and ingestion.
    • Assemble large, complex data sets that meet business requirements.

Requirements:

    • 1-5 years of experience and bachelor’s or master’s degree in a related field or a recognized industry certificate, with preference for certifications with a practical component (e.g., SANS GIAC, Comp TIA, CEH, ECSA, SSCP).
    • Broad knowledge of network security, endpoint security, cloud-based and distributed infrastructure security, vulnerability management, enterprise security controls, security incident response, cyber threat intelligence and analysis (TTPs, IOCs). security processes, authentication and security protocols, cryptography and application security, container and multi-tier web applications, security orchestration, large scale data pipelines, and WAF and virtual firewalls.
    • Working knowledge of at least three of the following areas: secure cloud deployment, application whitelisting, security engineering, incident handling, vulnerability analysis, active adversary threat management, penetration testing, encryption technologies, cyber threat intelligence and analysis.
    • Strong problem-solving, time management and analytical skills. 
    • Clear and organized communication skills both speaking and writing.
    • Demonstrated ability to quickly pick up new technical concepts and skills.
    • Understanding of security and risk frameworks such as MITRE ATT&CK, CIS, and VERIS, NIST CSF, NIST SP 800-series.
    • Experience manipulating, transforming, and extracting value from large data sets.
    • Have an open-mind willingness to be challenged and strong desire to learn
    • Self-driven and ability to work independently without being micromanaged while accepting responsibility for outcomes and expectations
    • Ability to automate solutions to repetitive problems/tasks using scripting languages such as Perl and Python
    • Commitment to learn from and work with peers to grow and expand your cybersecurity knowledge and expertise
About Guidewire
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently.

Guidewire combines core, data, digital, analytics, and AI to deliver our platform as a cloud service. More than 400 insurers, including the largest and most complex in the world, run on Guidewire.

As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1000+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of add-ons that accelerate integration, localization, and innovation.

Guidewire Software, Inc. is proud to be an equal opportunity and affirmative action employer. We are committed to an inclusive workplace, and believe that a diversity of perspectives, abilities, and cultures is a key to our success. Qualified applicants will receive consideration without regard to race, color, ancestry, religion, sex, national origin, citizenship, marital status, age, sexual orientation, gender identity, gender expression, veteran status, or disability. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.

Disability Accommodations and Guidewire’s Appeals Process. Guidewire provides accommodations to the hiring process to create a fair opportunity for candidates with disabilities to contend for open positions. Accommodation requests should be directed to (650) 356-4940 or [email protected]. If things do not go as hoped, we invite you to use our appeals process. Guidewire promises to independently review any denied accommodation and any decision not to offer you the position. The appeals process is the same in either case. Within five business days of receiving a notice of denial of an accommodation, or receiving a notice of your non-selection for a vacancy, call (650) 356-4940 or e-mail [email protected] to make an appeal. Guidewire will assign a new decision-maker to review the request and/or hiring decision, who will then notify you in writing of a decision within 10 business days.