OT Security Engineer configuring firewalls and IoT gateways in industrial networks. Collaborating on OT - Security standards while ensuring secure remote - access infrastructures.
About the role
- Global Cyber Security Governance Specialist at QBE providing insights on security posture and control performance. Engage stakeholders and enhance cyber security governance.
Responsibilities
- Monitor and analyse cyber control performance metrics and key risk indicators (KRIs) to identify trends, emerging risks, and opportunities for control uplift
- Develop and maintain reporting artefacts (e.g. dashboards, briefings, governance packs) that clearly communicate security posture and risk insights to a range of stakeholders, including senior management and governance forums
- Translate complex control and risk data into actionable insights, enabling stakeholders to make informed trade-offs aligned with QBE’s risk appetite and strategic priorities
- Support cyber scenario modelling activities, including scenario definition, refinement, and alignment with threat intelligence and attack tree structures
- Ensure scenarios remain accurate, defensible, and relevant to QBE’s operating environment, drawing on established methods and practices referenced in stakeholder materials and scenario modelling roadmaps
- Collaborate with control owners, delivery teams, and second-line functions to improve the quality, clarity, and consistency of control performance data and reporting inputs
- Support the integration of control telemetry and other evidence-based measures into reporting processes, with a focus on control immutability and automation where feasible
- Contribute to the continuous improvement of governance and reporting frameworks, ensuring alignment with QBE’s cyber strategy, regulatory obligations, and business needs
- Participate in targeted, risk-informed assurance activities that validate control effectiveness in high-priority areas, complementing formal audits and RCSA processes
- Act as a feedback channel to Strategy & Architecture and other stakeholders, highlighting implementation challenges or systemic issues surfaced through metrics or reporting
- Engage stakeholders to support a culture of risk transparency and accountability, encouraging proactive issue identification and evidence-based dialogue
- Support audit and regulatory engagement by ensuring reporting artefacts and supporting evidence are accurate, consistent, and audit ready
Requirements
- Ability to get deeply technical and apply that skill to the business environment
- Exceptionally curious and enquiring mindset with an ability to be fast-paced and agile in meeting business needs
- Strong communication, negotiation, and conflict management skills, with an ability to anticipate and flag potential obstacles
- Experience with security and risk-based standards, Microsoft Excel, Power BI and ERC tools
- Experienced in working across time zones and collaborating in a multi-location environment
Benefits
- Hybrid Working – a mix of working from home and in the office to enhance your work/life balance
- Free holistic wellbeing coaching, nutritional, confidential counselling, financial and legal advice
- 18 weeks’ gender-equal flexible leave for all new parents, including paid super
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Location requirements
Security Architect responsible for designing and implementing cybersecurity infrastructures and solutions. Working in hybrid mode for various clients in Hospitalet, Spain.
Conseiller en sécurité opérationnelle TI pour projets clients dans le secteur public à Québec City. Analyser les risques et développer les mesures de sécurité nécessaires.
Security Engineer building GRC framework and conducting risk assessments for cybersecurity startup. Collaborating across teams to enhance compliance and security culture in organization.
Senior Cybersecurity Engineer implementing solutions for Kubernetes platform at Workday. Collaborating across teams and maintaining security standards for cloud infrastructure.
Regional Security Manager at Dexcom leads security for offices across EMEA. Overseeing incident response, security assessments, and vendor management in a dynamic environment.
Lead Security Detection Response Engineer designing innovative security systems for a venture capital firm. Collaborate across product and infrastructure to enhance detection and response capabilities.
Network Security Engineer supporting Cloudflare's sophisticated customers in resolving technical issues and mitigating attacks. Engaging with various Cloudflare products and collaborating with Engineering and Ops teams.
Principal Engineer in Product Security at commercetools solving technical challenges for an ambitious product. Collaborating with teams to build secure services on multi - cloud infrastructure.
Principal Engineer Product Security supporting Engineering by solving technical problems and building secure services. Collaborating with teams to drive product security and improve security posture.