Technical IT Compliance and Risk Analyst

Company Description

PartnerRe is a leading, privately owned, multi-line global reinsurer with a reputation of financial stability and strength, and a commitment to rebuilding businesses and communities after risk events around the world.

Our mission is to continue to be a financially stable and predictable business partner, supporting our clients with solutions tailored to their needs, delivering superior returns to our owner, providing rewarding opportunities for our people and making a positive contribution to society. To achieve this, we live by our values of Integrity, Performance, Collaboration, Straightforward Communication and Respect and Care.

Core to The PartnerRe Experience is our global nature. No matter where you sit in the company, you are part of something bigger. Our teams represent our truly international mindset, forging connections across office locations and all levels of the organization and building a network of mutual success. The result is a day-to-day experience that will allow you to:
Shape your own career

Grow in a supportive environment

Connect with a community of experts

Make an impact

View The PartnerRe Experience e-book to find out more about what it’s like to work at PartnerRe.

**We are always looking for bright, proactive individuals to join our team**

**PartnerRe is an equal opportunities employer.**

Please join our company LinkedIn Page for all updates on new positions that are coming live.

**Job Description**:
**The mission is to ensure IT compliance with regulators, customers and PartnerRe policies.**

We are looking for a Technical IT Compliance and Risk Analyst to join our centralized IT Compliance, Risk Management and Security function. You will be embedded in an **international small team** whose mission is to ensure that PartnerRe can **meet** applicable **regulatory obligations**, satisfy expectations and **requirements of PartnerRe’s customers** **and** also meet PartnerRe’s** internal Policies and Guidelines**.

You will be based in our **Zurich (Switzerland), Dublin (Ireland) or Paris** **(France)** office. As an IT Compliance and Risk Analyst, your key role is to **understand** PartnerRe’s regulatory requirements, key risks, system landscape and controls - you are able to leverage this information to **assess new business solutions or third-party services regarding compliance, risk, and security**.

You ensure that the appropriate IT controls are applied throughout new system implementation (**compliance by design**), and all non-compliant findings are remediated in a timely manner to **reduce risks**.

You perform **compliance assurance activities, **especially in privileged access management. You **monitor key performance indicators** to help to measure the success of PartnerRe’s Cybersecurity progam and aid in decision-making.

You **support to secure and harden IT systems** across the organization. This includes analysis of existing security configuration baselines, determining appropriate controls and benchmarks, creation of new revisions to existing images and configuration. You will track the compliance of IT systems across PartnerRe through monitoring and auditing.

You **respond to security questionnaires** PartnerRe received **from customers, regulators, and auditors**.

You contribute to the **identification and assessment of IT and key Cyber security risks and to the performance of compliance gap analysis of new or changed regulations. **You **contribute to improvements of our IT control framework** on a risk-based approach and maintain our GRC system (Governance, Risk & Compliance system). Furthermore, you **identify and drive process improvements** (lean processes, meeting compliance requirements).

**Qualifications**:
You have a working knowledge of information security frameworks, standards, practices, and regulations (such as ISO/IEC 2700x, NIST, HIPAA, OWASP, SOX, EU GDPR, NYDFS Cyber Regulation)**.**

You combine this with **your IT technical know how** and understanding of **cyber security risks** and **controls** for cloud based services.

Ideally, you are experienced in **system hardening** and **maintaining secure systems, **and** **you** **are familiar with relevant hardening and compliance frameworks or guidelines (e.g. NIST, CIS Benchmarks).

You have **strong analytical and problem solving skills** and are able to leverage information from various information sources, to create meaningful and relevant summaries that can be understood by all relevant parties. You **find the right balance** between requirements outside of IT, IT risks, security and costs. You have the ability to answer verbal or written question in a nuanced and subtle way.

You have **good collaboration skills** with the ability to influence without formal authority. You can communicate well and discuss or review requirements with members from various IT departments (e.g. Data Center Operations, Network, Database, Security, Development, Helpdesk).