Senior Cybersecurity & Privacy Risk Management Specialist

You desire impactful work.
 

You’re RGA ready

RGA is a purpose-driven organization working to solve today’s challenges through innovation and collaboration. A Fortune 500 Company and listed among its World’s Most Admired Companies, we’re the only global reinsurance company to focus primarily on life- and health-related solutions. Join our multinational team of intelligent, motivated, and collaborative people, and help us make financial protection accessible to all.

As a Senior Cybersecurity & Privacy Risk Management Specialist, you will be responsible for understanding the complexities of RGA’s cybersecurity and data privacy framework as it applies to each global product. In support of RGA's global business partners, you will provide timely responses to cybersecurity and data privacy due diligence questionnaire requests, as well as review, decipher, opine, and negotiate on contractual obligations related to RGA’s cybersecurity and data privacy framework.

RESPONSIBILITIES:

• Complete due diligence questionnaire requests within defined service level agreement timeframes.

• Provide cybersecurity and data privacy subject matter expertise in conversations with clients and third-party vendors in support of RGA’s global business partners and Global Legal Services.

• Evaluate and ensure protection of RGA’s cybersecurity and data privacy position through comprehensive negotiation and timely review of contractual documents prepared by clients, third-party vendors, and in-house counsel.

• Identify and develop responses to due diligence questions that are not yet available in the knowledge library, which may involve bridging collaboration with various business and technology stakeholders across the organization.

• Maintain and update the knowledge library by learning from internal teams and completing research to find or create answers to knowledge gaps.

• Interpret and understand laws, regulations, complex issues, and contractual documents related to cybersecurity and data privacy, investigate, problem solve, and provide workable recommendations and solutions.

• Periodically update documentation regarding RGA’s cybersecurity and data privacy programs and processes.

• Stay current on RGA infrastructure updates.

• Help maintain a culture of security, privacy, and controls within RGA.

• Maintain strict confidentiality and privilege when required.

• Attention to detail, excellent analytical, problem-solving, critical-thinking, and multi-tasking skills.

• Perform other duties as assigned.

EDUCATION:

Required:

• Bachelor’s Degree in Arts/Sciences (BA/BS) or equivalent experience

EXPERIENCE:

Required:

• 5+ years relevant experience in IT security, privacy, audit, controls and regulatory compliance, or related experience.

• Minimum 3 to 5 years of experience with legal and regulatory standards (e.g. GDPR, SOX, NIST, ISO)

• Cybersecurity risk management; client and 3rd party contract review

• Strong interpersonal, presentation, verbal, and written communication skills with the ability to effectively …