Global Cyber Security Governance Specialist

About the position Responsibilities • Monitor and analyze cyber control performance metrics and key risk indicators (KRIs) to identify trends, emerging risks, and opportunities for control uplift. • Develop and maintain reporting artefacts (e.g. dashboards, briefings, governance packs) that clearly communicate security posture and risk insights to a range of stakeholders, including senior management and governance forums. • Translate complex control and risk data into actionable insights, enabling stakeholders to make informed trade-offs aligned with QBE's risk appetite and strategic priorities. • Collaborate with control owners, delivery teams, and second-line functions to improve the quality, clarity, and consistency of control performance data and reporting inputs. • Support the integration of control telemetry and other evidence-based measures into reporting processes, with a focus on control immutability and automation where feasible. • Contribute to the continuous improvement of governance and reporting frameworks, ensuring alignment with QBE's cyber strategy, regulatory obligations, and business needs. • Participate in targeted, risk-informed assurance activities that validate control effectiveness in high-priority areas, complementing formal audits and RCSA processes. • Act as a feedback channel to Strategy & Architecture and other stakeholders, highlighting implementation challenges or systemic issues surfaced through metrics or reporting. • Engage stakeholders to support a culture of risk transparency and accountability, encouraging proactive issue identification and evidence-based dialogue. • Support audit and regulatory engagement by ensuring reporting artefacts and supporting evidence are accurate, consistent, and audit-ready. Requirements • Experience in cyber security governance and assurance. • Strong analytical skills with the ability to interpret complex data. • Excellent communication skills to convey technical information to non-technical stakeholders. • Proficiency in developing reporting artefacts such as dashboards and governance packs. • Ability to collaborate effectively with various teams and stakeholders. Nice-to-haves • Experience with risk management frameworks and methodologies. • Familiarity with regulatory requirements related to cyber security. • Knowledge of control performance metrics and key risk indicators (KRIs). Benefits • Hybrid Working - a mix of working from home and in the office. • 22 weeks of paid leave for family growth, with 12 weeks available to all parents on a gender-equal basis. • Competitive 401(k) program with company match up to 8%. • Well-being program including holistic wellbeing coaching, gym membership, confidential counselling, financial and legal advice. • Tuition Reimbursement for professional certifications, and continuing education. • Employee Network and Community - QBE actively supports six Employee Networks, and many ways to give back to your community. Apply tot his job