Cybersecurity Audit Engagement Analyst

Starr Insurance Companies is a leading insurance and investment organization, providing commercial property and casualty insurance, including travel and accident coverage, to almost every imaginable business and industry in virtually every part of the world.
Cornelius Vander Starr established his first insurance company in Shanghai, China in 1919. Today, we are one of the world’s fastest growing insurance organizations, capable of writing in 128 countries on 6 continents.

The Cybersecurity Audit Engagement Analyst will be responsible for managing and responding to inbound cyber risk assessments and providing necessary artifacts for external, regulatory and internal audits. The ideal candidate will have a strong background in cybersecurity, excellent organizational skills, and the ability to effectively communicate with both internal and external stakeholders.

Key Responsibilities:
- Respond to inbound cyber risk assessments from insureds, partners, and regulatory bodies.
- Gather, organize, and provide required artifacts and documentation for external, regulatory and internal audits.
- Collaborate with various departments to ensure accurate and timely responses to audit requests.
- Maintain up-to-date records of all audit-related activities and documentation.
- Identify and address gaps in compliance and security controls, and work with relevant teams to implement corrective actions and remediations
- Develop and maintain cybersecurity policies, procedures, and guidelines to ensure compliance with industry standards and regulatory requirements.
- Stay informed about the latest regulatory changes, cybersecurity trends, and best practices.
- Prepare detailed reports and presentations for senior management, summarizing audit findings and remediation efforts.

Qualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, Risk Management,  Computer Science, or a related field.
- Minimum of 3 years of experience in cybersecurity audit, compliance, or a related role.
- Strong knowledge of cybersecurity frameworks, standards, and best practices (e.g., SCF, NYDFS, NIST, ISO 27001, CIS Controls).
- Proficiency in using audit and compliance management tools and technologies.
- Excellent organizational and project management skills.
- Strong communication and interpersonal skills, with the ability to engage effectively with stakeholders at all levels.
- Relevant certifications such as CISA, or similar are highly desirable, but not required.
Preferred Skills:
- Experience in a similar role within financial services/insurance or other regulated industry.
- Familiarity with regulatory requirements and compliance standards relevant to the organization.
- Ability to work independently and as part of a team in a fast-paced environment.
- Strong analytical and problem-solving skills.

#LI-EP1

Starr is an equal opportunity employer, which means we'll consider all suitably qualified applicants regardless of gender identity or expression, ethnic origin, nationality, religion or beliefs, age, sexual orientation, disability status or any other protected characteristic. We recruit and develop our people based on merit and we're committed to creating an inclusive environment for all employees. We offer first class training and development opportunities to all employees. Our aim is to grow our own talent and bring out the best in people.