Security Threat Risk Analyst

Security Threat Risk Analyst

Full Time

Norwalk, CT

About the Company :

Wilton Re is an industry leader in the life (re)insurance space, specializing in the acquisition of in force life insurance and annuities.

We are experienced industry specialists focused on the risk, capital and operational needs of our clients’ businesses. We provide our clients with the services they need from in force transactions and product development to underwriting and new business strategies.

Wilton Re has the resources and expertise to pursue and successfully manage the largest life and annuity transactions in the market.

Position Summary :

The Security T hreat Risk Analyst’s role in driving the development and implementation of a comprehensive, ongoing, and sustainable information / cyber security risk management program (SRMP) is essential to providing Board of Directors, Executive Management, and regulators with the insight they require on the information security risks faced by the company.

Likely candidate will have spent several years (5-7 years) in senior analyst or consultant roles, focusing on cybersecurity within sectors that handle sensitive data, like finance, healthcare, or insurance.

Role Responsibilities :

Champion the Information / cyber security risk management program (SRMP) 50%

• Act as the in-house expert in information / cyber security risk management for the Wilton Re Group
• Conduct in-depth analysis of the current threat and risk landscape in the cybersecurity industry, especially as it pertains to the life insurance sector.
• Draft detailed reports on industry-specific threats and risks, providing insights into trends, future projections, and potential impacts on the organization.
• Develop expertise in Cloud risks and ensure appropriate policies and procedures are implemented to mitigate such risks.
• Use threat modeling and current threat intelligence to guide risk management strategies in software development and acquisition.
• Foster relationships with key Wilton Re business teams, partners, regulators and industry associations
• Ensure ISP Policy framework across the Wilton Re Group includes appropriate SRMP materials (i.e. Policy, Standards Guidelines, and Operating processes & procedures)
• Effectively consult on, communicate and advocate necessary actions to address control weaknesses and / or emerging information / cyber security control challenges identified
• Research new ways & means to protect the information assets of the Wilton Re Group and remain aligned with Regulatory directions

SME Communications 30%

• Develop and define key performance indicators related to cybersecurity threats and risks for the organization.
• Ensure these KPIs effectively measure the organization's security posture and align with business objectives and Board expectations.
• Analyze threat intelligence feeds and create understandable briefings for senior executives and the Board, focusing on significant risks and action plans.
• Tailor communication to meet the needs of an executive audience and other key stakeholder, emphasizing strategic implications and business impacts.
• Design and drive the implementation of needed components into the company-wide information security / cyber security risk management education, awareness and training program.

Business Continuity 20%

• Ensure information / cyber security event & Incident response plan is capable of responding efficiently and effectively to security events / incidents up to and including critical data breach
• Plan, drive and organize the periodic simulation / testing of the (CSIRP) at both the organizational and technical / technology level.

Basic Qualifications :

• 10 + years in Information / Cyber Security & Risk Management positions or related roles such as ERM, ORM and / or Audit and / or other business roles
• Technical Proficiency : Deep understanding of cybersecurity frameworks (like NIST, MITRE ATT&CK, OWASP), cloud security, software development security, and threat modelling.
• Strategic Thinking : Ability to analyse complex threat landscapes and develop comprehensive strategies aligned with business objectives.
• Communication Skills : Exceptional ability to communicate technical concepts to non-technical audiences, including senior executives and board members.
• Leadership : Experience in leading projects and facilitating teams, with a focus on collaboration and stakeholder engagement.
• A commitment to ongoing professional development and continuous process improvement.

Required Education / Certifications :

Bachelor Degree in a relevant area of study

CRISC, CISM, CISA, CCSP, and CISSP certifications preferred

Pay / Location

Base salary range for this position in Connecticut is between $140,000 and $180,000. Please note that specific compensation decisions are based upon a variety of job-related factors as permitted by law, including geographic location, credentials, skills, education, training and experience.

Base salary is just one component of Wilton Re’s total compensation package for employees. Additional compensation includes annual performance-based bonus, 401K with employer contribution, and profit-sharing program.

Employee may also be eligible for long-term incentives (equity). All incentives and benefits are subject to the applicable plan terms.

What We Offer :

• Competitive vacation and sick time, including company-paid holidays, floating holidays and early closing days
• 401(k) plan with employer contribution - US Employees Only
• Profit Sharing Program
• Competitive parental leave
• Health, vision, dental, and life insurance, including access to health and wellness programs
• Actuarial Development Program (ADP) for Actuarial employees taking exams
• Employee Assistance Program (EAP)
• Current hybrid working environment
• Employee Engagement Events and various committees on site to join

Wilton Re strives to attract, develop, and retain a diverse workforce. We are committed to providing an inclusive and accessible work environment where all associates feel valued, respected, and supported.

Our commitment to inclusivity is reflected in the safeguards, policies and commitments we have in place to remove barriers and provide equal opportunities to prospective and current associates, without discrimination.

A Human Resources representative is available to consult with applicants who require accommodation in the application or recruitment process.

Any information shared by the applicant about an accommodation will be treated as confidential.

To All Recruitment Agencies : Please do not send any resumes or solicitations regarding open positions to Wilton Re employees unless you have been requested to work on this position or other positions with Wilton Re;

please reach out to your main point of contact. Wilton Re is not responsible for any fees related to unsolicited resumes.