General information **Country**:Colombia **Creation Date**:03-Mar-2025 **Employment Type**:Permanent **Employment Type**:Full time **Ref #**:1234571571 - Description & Requirements - Role Title: Risk Engineer: Cyber Security - Department: Cyber Risk Engineering (CRE) - Location: Colombia, Brazil or Mexico - Type: Permanent About the Role: The Global Risk Solutions (GRS) Cyber Risk Engineering (CRE) team would like you to consider joining us to consult with underwriters on the technical risk associated with organizations seeking cyber insurance. We also need your help bridging the lines of communication between the stakeholders (underwriters, CISOs, and security savvy agents/brokers), and building our tools, services, and processes About the Department & Team: CRE works alongside our product (the insurance policies) team, our cyber strategy team, the cyber underwriters, and multiple other teams (Collectively the Global Cyber Underwriting office). - The CRE team is specifically responsible for a few things: 1. Helping underwriters (who decide who/what to insure for what price) understand the cyber risk of an organization. - 2. Helping clients manage and improve their security on an ongoing basis. - 3. Helping design technical tools to make #1 and #2 more efficient. One of the most rewarding things about this role is that you’ll be creating win/win/win solutions, because the incentives of our company, our partners, and the incentives of our clients all align on making the world a safer, more secure place. Key Responsibilities: - Consult with and advise underwriters in evaluating the risk of companies looking for cyber insurance - Provide advisory services to our clients and support loss control to help minimize client risk - Provide thought leadership about cyber security and insurance - Cyber insurance is projected to grow from $13 billion in 2023 to $33 billion in 2027. Unlike other lines of insurance which can be underwritten using traditional, cyber insurance requires understanding an individual organization’s specific technical situation in context. We need you to help our underwriters review the risk of companies looking for cyber insurance. - Additionally, cyber insurance is an ongoing relationship. Many of our clients want help with their cyber security. This role provides advisory services to our clients to equip them to manage their cyber risk. Every day you’ll meet with people who have a new challenge to solve. And at the end of the day, you’ll have their appreciation for your help and will have made the world a better place. - You’ll also have the opportunity to build connections and educate internal and external clients on cyber security and insurance. - Adherence to all relevant regulatory requirements forms part of your role, and the demonstration of behaviours as set out in the Conduct Risk Policy, as they relate to your role, is core to LSM's commitment to our Liberty Values, placing customers at the centre of our business and behaving with integrity. LSM expects you to understand your responsibilities relating to all regulatory and internal requirements, and to proactively demonstrate compliance with these requirements and behaviours at all times. These requirements include the Senior Managers and Certification Regime Conduct Rules, Solvency II, fair treatment of customers, Financial Crime, Data Protection, Conflicts of Interest, and Whistleblowing Skills and Experience: - Experience in cyber security such as but not limited to a consulting security engineer, a consulting security architect, a CISO, a security evangelist, a pre-sales security engineer, a Governance, Risk, and Compliance (GRC) analyst - Strong Communication skills - Inclusive mindset - being a global team you’ll need the willingness to build trust with a diverse set of partners & clients. - The ability to handle uncertainty and complexity - Technical skills related to cyber security - Languages: Fluent English. French or German or Arabic would be beneficial. In short, we need cyber security SMEs who can communicate with stakeholders. You’ll use: - Communication skills. Having a knack for explaining cyber security to internal and external stakeholders with varying levels of cyber-security knowledge. - The ability to handle uncertainty and complexity. Risk assessment is complex, and underwriters are working under time pressure, so all the information is often not available. We’ll be asking you to make your best judgement based on the information at hand. An adaptable mindset is often needed to be able to think both like a cybersecurity professional, as well as an underwriter. And you’ll often need to be able to see the broad, strategic picture beyond the details. - Technical skills. We don’t expect you to know everything but do need you to have a good working knowledge of information security. Self-learning, skills, certifications, or standards knowledge are all acceptable ways of demonstrating your information sec