Support the global Cyber Risk function within the Security and Privacy Organization of Insulet’s Technology department
Independently lead end-to-end system risk assessments for applications, platforms, and infrastructure
Assess risks aligned to internal standards and industry frameworks
Identify control gaps, evaluate inherent and residual risk, and recommend pragmatic remediation options
Partner with system owners, engineering, and architecture teams
Own and maintain assigned portions of the enterprise cyber risk register
Drive risk lifecycle activities, including risk intake, treatment planning, acceptance, and closure
Actively collaborate with the Incident Response team during security incidents
Serve as a trusted cyber risk advisor to technology, security, privacy, legal, and business stakeholders
Contribute to the development and refinement of risk metrics, dashboards, and trend reporting
Requirements
Bachelor’s degree or related experience in IT, MIS, computer science, or related technology discipline (preferred)
5-8 years IT/Cyber Risk Management experience in a highly regulated industry
Good understanding and applied knowledge of cybersecurity risk and control frameworks such as NIST CSF, NIST 800-53, CMMC, ISO 27K series, CIS Critical Security Controls, CSA Cloud Control Matrix, Cyber Essentials Plus
Demonstrated experience leading system / application risk assessments in large or complex environments
Experience maintaining or managing an enterprise cyber risk register
Exposure to cybersecurity incidents and post-incident analysis
Ability to solve problems through communication and compromise across technical and non-technical audiences
Willingness to pursue related certifications (CRISC, CISM, CISSP, etc.)