Starr Insurance Companies is a leading insurance and investment organization, providing commercial property and casualty insurance, including travel and accident coverage, to almost every imaginable business and industry in virtually every part of the world.
Cornelius Vander Starr established his first insurance company in Shanghai, China in 1919. Today, we are one of the world’s fastest growing insurance organizations, capable of writing in 128 countries on 6 continents.
The Cybersecurity Audit & Process Analyst is responsible for managing and responding to cyber risk assessments and audits, as well as reviewing and optimizing business processes to ensure they are secure and efficient. This role requires a strong background in cybersecurity, audit/compliance, and process engineering, with the ability to collaborate across departments and serve as a key liaison to project managers. The analyst will also conduct security quality assurance testing and support business continuity initiatives.
Key Responsibilities
- Manage and respond to inbound cyber risk assessments from insureds, partners, and regulatory bodies.
- Gather, organize, and provide required artifacts and documentation for external, regulatory, and internal audits.
- Review and analyze business processes to identify and mitigate security risks and inefficiencies.
- Develop and maintain process and audit documentation, ensuring alignment with cybersecurity best practices and regulatory requirements.
- Apply Lean/Six Sigma methodologies to optimize business processes and enhance security measures.
- Collaborate with various departments to ensure accurate, timely responses to audit requests and a comprehensive approach to cybersecurity and process optimization.
- Serve as a key liaison to project managers, ensuring security considerations are integrated into project planning and execution.
- Conduct security quality assurance testing for business applications, identifying vulnerabilities and recommending improvements.
- Identify and address gaps in compliance and security controls, and work with relevant teams to implement corrective actions and remediations.
- Stay informed about the latest regulatory changes, cybersecurity trends, threats, and best practices.
- Prepare detailed reports and presentations for senior management, summarizing audit findings, process analysis, and remediation efforts.
Qualifications
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Business, Information Systems, Risk Management, or a related field.
- Minimum of 3 years of experience in cybersecurity audit, compliance, process engineering, or a related role.
- Strong knowledge of cybersecurity frameworks, standards, and best practices (e.g., SCF, NYDFS, NIST, ISO 27001, CIS Controls).
- Proficiency in audit/compliance management tools and Lean/Six Sigma methodologies.
- Excellent organizational, analytical, and problem-solving skills.
-Strong communication and interpersonal skills, with the ability to engage effectively with stakeholders at all levels.
-Relevant certifications such as CISA, Lean Six Sigma Green Belt, or similar are highly desirable, but not required.
Preferred Skills
- Experience in a similar role within financial services, insurance, or other regulated industries.
- Familiarity with regulatory requirements and compliance standards relevant to the organization.
- Ability to work independently and as part of a team in a fast-paced environment.
- Strong project management skills and attention to detail.
#LI-EP1
Starr is an equal opportunity employer, which means we'll consider all suitably qualified applicants regardless of gender identity or expression, ethnic origin, nationality, religion or beliefs, age, sexual orientation, disability status or any other protected characteristic. We recruit and develop our people based on merit and we're committed to creating an inclusive environment for all employees. We offer first class training and development opportunities to all employees. Our aim is to grow our own talent and bring out the best in people.
