Cyber Risk Governance Analyst (Remote/Flexible)
US - Massachusetts, United States
As the Cyber Risk Governance Analyst you will support global Cyber Risk within the Security and Privacy Operations function of Insulet’s Technology department. This role will be required to collaborate across IT and the business to identify, assess, manage, and monitor cybersecurity risks.
Responsibilities:
- Participate in the maintenance and continuous improvement of the Cyber Risk & Controls framework based on knowledge of the business, threat landscape, and various cybersecurity frameworks (including those published by the National Institute of Standards and Technology)
- Utilize IT and Cyber Risk subject matter expertise, understanding of the medical device industry, and collaboration with peers to properly advise on suitable mitigating controls through established IT Risk Assessment processes and procedures; participate in maintenance and updates of these processes and procedures
- Quantify and prepare metrics to demonstrate residual risks, prioritize remediation actions, and/or outline and facilitate criteria for risk acceptance
- Manage our Policy Hierarchy program to ensure that requirements are gathered, understood and inform the development of policies and associated processes
- Provide guidance and support to business units on Cyber Risk best practices
- Aid in advising legal and procurement on IT security language of vendor contracts, provide feedback, and work across departments and/or vendor as needed
- Participate in the development of a controls testing approach to provide assurance on the coverage, design, and operating effectiveness of IT Controls
- Prepare Key Risk Indicator data for dashboards and metrics, which may include explaining risks in business/non-technical terms
- Make data-driven decisions based on all available data and experience, even when no obvious answer is presented
- Collaborate with other departments to make IT risk decisions, including but not limited to R&D, Infrastructure & Operations, Legal, Enterprise Risk Management, Regulatory, Quality, Procurement, and Manufacturing
- Collaborate with the Cyber Risk Governance Manager and the Cyber Risk Assurance Manager to develop and maintain the department's Governance, Risk & Compliance (GRC) platform and tooling
- Support and contribute to internal and external audits of areas which include Insulet’s IT and security controls framework.
Education & Experience
- Bachelor’s degree or related experience in IT, MIS, computer science, or related technology discipline
- IT/Cyber Risk Management experience in a highly regulated industry, along with a demonstrated understanding of how IT risk must be balanced to support and enable the success of the business preferred
- Good understanding and applied knowledge of cybersecurity risk and control frameworks such as NIST CSF, NIST 800-53, CMMC, ISO 27K series, CIS Critical Security Controls, CSA Cloud Control Matrix, Cyber Essentials Plus etc.
- Experience with requirements gathering and developing policies and procedures
- Ability to solve problems through communication and compromise across technical and non-technical audiences, without sacrificing the proper risk mitigation or acceptance criteria
- Proactive in the identification of potential problems and proposal of solutions
- Willingness to pursue related certifications (CRISC, CISM, CISSP, etc.)
Preferred Skills and Competencies
- Experience in implementing and monitoring enterprise cyber security controls
- Experience with Threat Modeling
- Experience building and/or supporting a Unified Control Framework
- Exposure to penetration testing and purple teaming activities
- Excellent analytical and problem-solving skills
- Strong communication and interpersonal skills
Must be able to travel internationally up to 10%
NOTE: This position is eligible for 100% remote working arrangements (may work from home/virtually 100%; may also work hybrid on-site/virtual as desired). #LI-Remote
Additional Information:
The US base salary range for this full-time position is $82,725.00 - $124,087.50. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position in the primary work location in the US. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your Talent Acquisition Specialist can share more about the specific salary range for your preferred location during the hiring process. Please note that the compensation details listed in US role postings reflect the base salary only, and do not include bonus, equity, or benefits.
Insulet Corporation (NASDAQ: PODD), headquartered in Massachusetts, is an innovative medical device company dedicated to simplifying life for people with diabetes and other conditions through its Omnipod product platform. The Omnipod Insulin Management System provides a unique alternative to traditional insulin delivery methods. With its simple, wearable design, the tubeless disposable Pod provides up to three days of non-stop insulin delivery, without the need to see or handle a needle. Insulet’s flagship innovation, the Omnipod 5 Automated Insulin Delivery System, integrates with a continuous glucose monitor to manage blood sugar with no multiple daily injections, zero fingersticks, and can be controlled by a compatible personal smartphone in the U.S. or by the Omnipod 5 Controller. Insulet also leverages the unique design of its Pod by tailoring its Omnipod technology platform for the delivery of non-insulin subcutaneous drugs across other therapeutic areas. For more information, please visit insulet.com and omnipod.com.
We are looking for highly motivated, performance-driven individuals to be a part of our expanding team. We do this by hiring amazing people guided by shared values who exceed customer expectations. Our continued success depends on it!
At Insulet Corporation all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Experience: 3 years
Education: Bachelor's degree; Computer Science, IT, MIS, Technology Discipline