Senior Cyber Risk Specialist - Operations
Description
Senior Cyber Risk Specialist
Department of Operations
Bermuda Monetary Authority (Authority or BMA) seeks the services of a skilled and capable individual to work as a Senior Cyber Risk Specialist – Cyber Risk, Operations Department. Reporting to the Assistant Director – Cyber Risk, the Senior Cyber Risk Specialist will be part of a Team responsible for all aspects of cyber risk supervision for BMA-regulated entities.
This is a key role for the Authority and the post-holder will be responsible for:
• Managing and mentoring junior team members
• Managing workloads and tracking the status of workstreams
• Reviewing regulated cyber risk entity submissions for both licensing applications and prudential filings and producing risk and compliance reports
• Assisting with the analysis of highly confidential filing return data to include risk rating mechanisms, statistical analysis and the creation of management information reports
• Reviewing cyber risks and security controls specific to the FinTech sector
• Conducting cyber risk supervision review processes across the insurance, banking, corporate services and FinTech sectors
• Assisting with on-site cyber risk reviews of regulated entities against the Authority’s regulatory Acts, Standards and Codes and assisting in the creation of on-site reports
• Contributing to knowledge sharing and training of supervisors
• Advising and supporting Supervision Departments regarding ongoing cyber supervision
• Proactively researching and managing the identification of emerging cyber threats and vulnerabilities
• Contributing to threat intelligence information gathering, i.e., the identification of emerging cyber threats and vulnerabilities in order to provide contextual awareness of cyber threats
• Performing other related work and special projects as assigned by management in accordance with competencies normally associated with the post
This position requires a proven technical and business background. Therefore, the post-holder must have:
• A master’s degree in computer science, information security from a recognised institution or equivalent of a bachelor’s degree together with a professional qualification such as CISSP, CISM, CISA, CCNA, CRISC, ISO27001 Lead Implementer, CIPP/E,
• Cloud certification at the Architect level & cloud security certification (CCSP, CCSK)
• A minimum of seven (7) years experience in IT risk, IT security or IT regulation, of which at least three (3) years should be at a senior level working within a regulated financial services business or as a financial services regulator.
• Working knowledge of the BMA Digital Asset Business Act 2018, Cyber Codes of Conduct, Custody Code of Practice and associated regulatory provisions.
• Solid experience with distributed ledger technology, smart contracts, APIs, digital assets and associated cyber risks and security controls
• Good working knowledge of international cyber risk frameworks, e.g., NIST, ISO 27001, COBIT
• Proficiency with data querying and analysis tools
• High proficiency with Excel formatting, SQL, Tableau, Microsoft Power BI
• Effective communication skills
The Bermuda Monetary Authority is the integrated regulator of Bermuda’s financial services sector. We offer the opportunity for broad exposure to international regulatory issues, special projects and a
variety of work experiences.
If you are looking for a challenging opportunity in a team environment, we invite you to submit your application online via our ‘Careers’ page at www.bma.bm. Applications for this position must be received no later than 10 December 2024.
BMA House | 43 Victoria Street | Hamilton HM 12 | Bermuda | Tel: (441) 295 5278
Bermuda Monetary Authority is an Equal Opportunity Employer.
Individual Excellence…Collective Strength