Gallagher is an international insurance brokerage and risk management services firm. The M&A Cybersecurity Analyst will manage core IT risk management processes related to cybersecurity risks during the acquisition life cycle, working independently to conduct risk assessments and collaborate with stakeholders.
Define individual performance objectives and development of plans to ensure alignment with organizational objectives.
Plan and conduct Cybersecurity risk assessments of potential Merger Partners/Targets, focusing on High-Risk Security Issues that may not be remediated during typical integration activities.
Use of M&A Cybersecurity risk evaluation tools to help reduce organizational cyber and security risks related to Acquisitions.
Collaborate with applicable stakeholders to determine appropriate recommendations for all identified cybersecurity risks.
Provide regular updates to the Project Management team to help manage internal audit support mechanisms, findings, responses, and remediation efforts.
Provide technical expertise to Leadership and Divisional Business stakeholders to ensure cybersecurity risks are identified, managed, and/or mitigated in a manner that reduces risk to the enterprise.
Identify opportunities to improve processes/procedures that govern the M&A Cybersecurity Program.
Support the development of key performance indicators (KPIs) and reporting metrics to key stakeholders within defined timeframes.
Leads and supports pre-close M&A Cybersecurity risk assessments for potential Merger Partners/Targets.
Gather and analyze Due Diligence materials provided by Targets and Divisional M&A IT Leads.
Develop M&A Cybersecurity Risk Assessment Memos and interpret Due Diligence materials to identify cybersecurity risks to the organization.
Coordinate with Divisional Business individuals to gain approval on M&A Cybersecurity Memos, Management Action Plans, etc.
Submit M&A Cybersecurity Risk Assessment Memos for internal peer review and final QA before it is distributed to relevant internal stakeholders.
Conduct peer review for other M&A Cybersecurity Risk Assessments in progress, as needed.
Identify patterns and trends as part of the Cybersecurity Risk Assessment process to support improvement activities.
Qualification
Required
Bachelor’s degree in business, computer science, or related field, or equivalent experience
Two to five years of experience in M&A Cybersecurity Risk Assessments, Information Security, Risk Management, Operational Risk, or Compliance
Experience with Cybersecurity principles and techniques related to concepts of least privilege, risk management, vulnerability management, identity and access management, access controls, and segmentation
Thorough understanding of process management and control environments
Strong analytical and critical thinking skills to support assessment of cybersecurity risk and appropriate courses of action
Effective written/oral communication skills to present Cybersecurity Risk Assessment report information to Divisional stakeholders, SMEs, and related GCIS teams
Experience executing large global projects with slim timelines and schedules
Organizational skills to prioritize risks and actions using a risk-based approach
Proficiency in using MS Office suite of products
Preferred
CISSP, CRISC and/or other relevant industry certifications
Benefits
Medical/dental/vision plans, which start from day one!
Life and accident insurance
401(K) and Roth options
Tax-advantaged accounts (HSA, FSA)
Educational expense reimbursement
Paid parental leave
Digital mental health services (Talkspace)
Flexible work hours (availability varies by office and job function)
Training programs
Gallagher Thrive program - elevating your health through challenges, workshops and digital fitness programs for your overall wellbeing
Charitable matching gift program
And more...
Gallagher is an international insurance brokerage and risk management services firm.
Glassdoor
3.6
Founded in 1927
Rolling Meadows, Illinois, USA
10001+ employees
http://www.ajg.com
Gallagher is an international insurance brokerage and risk management services firm.
