Cybersecurity and Technology Risk Management Analyst (H/F)

Primary Details Time Type: Full time Worker Type: Employee The Opportunity: The purpose of this role is to support the NAU IT team with their risk management activities as well as engaging with the Enterprise Risk Management (ERM) team to execute the risk management program. Additionally, the role is responsible for ensuring adherence to relevant policies and standards governing Risk and Control Self-Assessment across the NAU IT organization, providing ongoing education and training, facilitating risk and control identification and assessment, and reporting progress and issues. The role will work closely with various teams to provide assurance over the Risk Management framework. Work Arrangement: This role will require 3 days/week in the office. The hours for this role are 7:30am-4:15pm CST Monday through Thursday, and 7:30am-12pm CST on Fridays Deliver insightful reporting on IT Risk Management activities. Collect risk information and metrics to support monitoring against risk appetite. Ensure adherence to all Risk standards within the organization. Perform data quality monitoring and correct issues to ensure completeness and accuracy. Lead the IT Risk Control and Self Assessment (RCSA) and complete in Insight. Complete the Risk Maturity Self-Assessment. Maintain controls and lead semi-annual control testing efforts Track IT Major Incidents and follow-up actions, including incidents flagged for Problem Management.. Complete the quarterly Risk Appetite Statements. Coordinate QBE policy and minimum control standards (MCS) reviews. Participate in policy update meetings with QBE and socialize changes to NAU. Coordinate NAIC with US Map and agent surveys. Monitor the UIT/Shadow IT register and provide monthly UIT updates. Coordinate penetration testing and track any issues created from the findings. Coordinate Application Attestation and report on the results. Provide training to employees on risk management responsibilities.. Prepare Risk Management communications including IT Update newsletter articles. Support the 'Second Line of Defense' role by monitoring business unit risk management activities. Maintain a strong network with risk professionals internally and externally. Necessary Work Experience includes: ~ Some relevant risk management work experience, preferably within Information Technology. Preferred Work Experience includes: Experience in delivering Risk Management services. Experience in Cyber Security or Information Technology. Experience in data analytics. Exposure to insurance or financial services in a similar role is preferred General knowledge of risks, process flow, controls and outputs of an insurance operation Fundamental knowledge of data analysis, extraction and management techniques for insurance portfolios Power BI, Tableau, etc) Understanding of risk management concept and practices Excellent communication skills to work effectively with cross-functional teams and business stakeholders College Degree or equivalent combination of education and work experience. Qualification in Risk Management. Together, we combine history, expertise, innovation, and a shared commitment to excellence to provide unparalleled insurance solutions to our customers and communities worldwide. Beyond the base salary, regular full-time and part-time employees will also be eligible for QBE’s annual discretionary bonus plan based on business and individual performance.QBE Benefits: We offer a range of benefits to help provide holistic support for your work life, whatever your circumstances. Hybrid Working – a mix of working from home and in the office ~Well-being program including holistic wellbeing coaching, gym membership, confidential counselling, financial and legal advice ~ Tuition Reimbursement for professional certifications, and continuing education ~ Employee Network and Community – QBE actively supports six Employee Networks, and many ways to give back to your community At QBE, we’re enabling a more resilient future – for our customers, communities, environment, and for our people. We’re building momentum to achieve something significant and know our people are at the center of our success. Our industry offers interesting and varied careers where you can help people to protect what matters most. And our international scale means we’re big enough for your ambitions, yet small enough for you to make a real impact. Commitment to Diversity QBE is committed to providing reasonable accommodation to, among others, individuals with disabilities and disabled veterans. If you need an accommodation because of a disability to search and apply for a career opportunity with QBE, please inform our Talent Acquisition team to let us know the nature of your accommodation request and your contact information. religious practices and observances; pregnancy, childbirth, or related medical conditions; protected veteran status; or disability or any other legally protected status. Analytical Thinking, Communication, Conflict Resolution, Critical Thinking, Data Management, Data Quality Assessments, Detail-Oriented, Enterprise Risk Management (ERM), Intentional collaboration, Managing performance, Operational Risks, Process Improvements, Risk Assessments, Risk Management, Stakeholder Management Application Close Date: 12/10/2025 11:59 PMHow to Apply: To submit your application, click "Apply" and follow the step by step process.