Job Profile Name: Cyber Risk Governance Associate
Job Level: P1
Position Overview
This role will support the global Cyber Risk Governance function within Insulet's Cyber Risk department. This role will be required to collaborate across IT, Security and Privacy Operations and the wider business to identify, assess, manage, and monitor cybersecurity risks.
Responsibilities: Participate in the maintenance and continuous improvement of the Cyber Risk & Controls framework based on knowledge of the business, threat landscape, and various cybersecurity frameworks (including those published by the National Institute of Standards and Technology). Participate in maintenance and updates of established IT Risk Assessment processes and procedures ensuring that document updates, and any associated justifications, are centrally recorded. Responsible for drafting policy and process updates to reflect organizational and regulatory changes and subject matter expert guidance. Facilitate our Actions Management program to ensure that known risks are treated or accepted in line with Insulet's Risk Management Framework. Provide guidance and support to business units on Cyber Risk best practices. Participate in the development of a controls testing approach to provide assurance on the coverage, design, and operating effectiveness of IT Controls. Aid in preparing Key Risk Indicator data for dashboards and metrics, which may include explaining risks in business/non-technical terms. Participate in the development and maintenance of the department's Governance, Risk & Compliance (GRC) platform and tooling. Support and contribute to internal and external audits of areas which include Insulet's IT and security controls framework.
Education & Experience Bachelor's degree or related experience in IT, MIS, computer science, or related technology discipline. Demonstrable working experience in IT/Cyber Risk Management experience in a highly regulated industry, along with a demonstrated understanding of how IT risk must be balanced to support and enable the success of the business. Good understanding and applied knowledge of cybersecurity risk and control frameworks such as NIST CSF, NIST 800-53, CMMC, ISO 27K series, CIS Critical Security Controls, CSA Cloud Control Matrix, Cyber Essentials Plus, etc. Experience with cloud computing and AWS and Azure services. General understanding of networking and associated protocols. Ability to solve problems through communication and compromise across technical and non-technical audiences, without sacrificing the proper risk mitigation or acceptance criteria. Proactive in the identification of potential problems and proposal of solutions. Willingness to pursue related certifications (CRISC, CISM, CISSP, etc.).
Preferred Skills and Competencies Experience in implementing and monitoring enterprise cyber security controls. Experience supporting a Unified Control Framework. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills.
Travel Requirement:
Up to 10% for business meetings, corporate events, and seminars. Primarily domestic with potential for international travel where there is a specific business requirement.
Insulet Corporation (NASDAQ: PODD), headquartered in Massachusetts, is an innovative medical device company dedicated to simplifying life for people with diabetes and other conditions through its Omnipod product platform. The Omnipod Insulin Management System provides a unique alternative to traditional insulin delivery methods. With its simple, wearable design, the tubeless disposable Pod provides up to three days of non-stop insulin delivery, without the need to see or handle a needle. Insulet's flagship innovation, the Omnipod 5 Automated Insulin Delivery System, integrates with a continuous glucose monitor to manage blood sugar with no multiple daily injections, zero fingersticks, and can be controlled by a compatible personal smartphone in the U.S. or by the Omnipod 5 Controller. Insulet also leverages the unique design of its Pod by tailoring its Omnipod technology platform for the delivery of non-insulin subcutaneous drugs across other therapeutic areas. For more information, please visit insulet.com and omnipod.com.
We are looking for highly motivated, performance-driven individuals to be a part of our expanding team. We do this by hiring amazing people guided by shared values who exceed customer expectations. Our continued success depends on it!
Please read our Privacy Notice to learn how Insulet handles your personal information when you apply for a vacancy with us here. #J-18808-Ljbffr
Job Level: P1
Position Overview
This role will support the global Cyber Risk Governance function within Insulet's Cyber Risk department. This role will be required to collaborate across IT, Security and Privacy Operations and the wider business to identify, assess, manage, and monitor cybersecurity risks.
Responsibilities: Participate in the maintenance and continuous improvement of the Cyber Risk & Controls framework based on knowledge of the business, threat landscape, and various cybersecurity frameworks (including those published by the National Institute of Standards and Technology). Participate in maintenance and updates of established IT Risk Assessment processes and procedures ensuring that document updates, and any associated justifications, are centrally recorded. Responsible for drafting policy and process updates to reflect organizational and regulatory changes and subject matter expert guidance. Facilitate our Actions Management program to ensure that known risks are treated or accepted in line with Insulet's Risk Management Framework. Provide guidance and support to business units on Cyber Risk best practices. Participate in the development of a controls testing approach to provide assurance on the coverage, design, and operating effectiveness of IT Controls. Aid in preparing Key Risk Indicator data for dashboards and metrics, which may include explaining risks in business/non-technical terms. Participate in the development and maintenance of the department's Governance, Risk & Compliance (GRC) platform and tooling. Support and contribute to internal and external audits of areas which include Insulet's IT and security controls framework.
Education & Experience Bachelor's degree or related experience in IT, MIS, computer science, or related technology discipline. Demonstrable working experience in IT/Cyber Risk Management experience in a highly regulated industry, along with a demonstrated understanding of how IT risk must be balanced to support and enable the success of the business. Good understanding and applied knowledge of cybersecurity risk and control frameworks such as NIST CSF, NIST 800-53, CMMC, ISO 27K series, CIS Critical Security Controls, CSA Cloud Control Matrix, Cyber Essentials Plus, etc. Experience with cloud computing and AWS and Azure services. General understanding of networking and associated protocols. Ability to solve problems through communication and compromise across technical and non-technical audiences, without sacrificing the proper risk mitigation or acceptance criteria. Proactive in the identification of potential problems and proposal of solutions. Willingness to pursue related certifications (CRISC, CISM, CISSP, etc.).
Preferred Skills and Competencies Experience in implementing and monitoring enterprise cyber security controls. Experience supporting a Unified Control Framework. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills.
Travel Requirement:
Up to 10% for business meetings, corporate events, and seminars. Primarily domestic with potential for international travel where there is a specific business requirement.
Insulet Corporation (NASDAQ: PODD), headquartered in Massachusetts, is an innovative medical device company dedicated to simplifying life for people with diabetes and other conditions through its Omnipod product platform. The Omnipod Insulin Management System provides a unique alternative to traditional insulin delivery methods. With its simple, wearable design, the tubeless disposable Pod provides up to three days of non-stop insulin delivery, without the need to see or handle a needle. Insulet's flagship innovation, the Omnipod 5 Automated Insulin Delivery System, integrates with a continuous glucose monitor to manage blood sugar with no multiple daily injections, zero fingersticks, and can be controlled by a compatible personal smartphone in the U.S. or by the Omnipod 5 Controller. Insulet also leverages the unique design of its Pod by tailoring its Omnipod technology platform for the delivery of non-insulin subcutaneous drugs across other therapeutic areas. For more information, please visit insulet.com and omnipod.com.
We are looking for highly motivated, performance-driven individuals to be a part of our expanding team. We do this by hiring amazing people guided by shared values who exceed customer expectations. Our continued success depends on it!
Please read our Privacy Notice to learn how Insulet handles your personal information when you apply for a vacancy with us here. #J-18808-Ljbffr
