Senior Risk Consultant – ESRM Cybersecurity Risk Management Specialist

at  HUB International

About HUB International
At HUB International, we are a team of entrepreneurs. We believe in empowering our clients, and we do so by protecting businesses and individuals in our local communities. We help businesses evaluate their risks and develop solutions tailored to their needs. We believe in empowering our employees. As a global firm, we offer employees resources in both technology and industry expertise, but we still maintain the local flavor of our offices. Our structure enables our teams to maintain their own unique, regional culture while leveraging support and resources from our corporate centers of excellence.
About HUB’s Risk Services Division
The division is a team of risk management consulting professionals with certification, education, and experience across a variety of industries and disciplines. Located throughout Canada and the USA, our team has the proven knowledge and experience to assist our clients to identify current and potential risks and implement controls to reduce their exposure to loss. Our goal is to assist clients to confidently identify, quantify, and reduce risk through the application of tailored solutions designed to protect what matters most: their people, property, and profitability.
About the Position
The Senior Risk Consultant – Cybersecurity Risk Management will join a team of senior risk consultants in leveraging Enterprise Security Risk Management (ESRM) principles and other accepted industry best practices in organizational resilience to identify hazards, assess risk, and develop and implement risk management solutions to HUB clients. As part of HUB’s Organizational Resilience Practice, the consultant’s primary focus will be cybersecurity risk management initiatives focused on prevention, response, recovery planning, and emerging tools and technologies to help clients mitigate and manage cybersecurity risk.

JOIN OUR TEAM:

Do you believe in the power of innovation, collaboration, and transformation? Do you thrive in a supportive and client focused work environment? Are you looking for an opportunity to help build and drive change in a rapidly growing and evolving organization? When you join HUB, you will be part of a community of learners and doers focused on helping our leaders maximize the potential of their employees.
Department Risk Management & Loss Control
Required Experience: 10-15 years of relevant experience
Required Travel: Up to 50%
Required Education: Master’s degree
Hi, we’re HUB.
In a rapidly changing world, we advise businesses and individuals on how to prepare for the unexpected.
When you partner with us, you’re at the center of a vast network of experts who will help you reach your goals through risk services, claims management, and compliance support.
And this gives you the peace of mind that what matters most to you will be protected — through unrelenting advocacy and tailored insurance solutions that put you in control.
About HUB International
Headquartered in Chicago, Illinois, HUB International Limited (HUB) is a leading full-service global insurance broker providing property and casualty, life and health, employee benefits, investment and risk management products and services. From offices located throughout North America, HUB’s vast network of specialists provides peace of mind on what matters most by protecting clients through unrelenting advocacy and tailored insurance solutions. For more information, please visit hubinternational.com

Collaborate with HUB account executives and clients to evaluate, mitigate, and deliver cybersecurity risk reduction programs
Provide exceptional service to clients across North America
Actively support HUB’s Canadian and U.S. national and regional ProEx Cyber teams with strategic insurance placement and risk control initiatives
Work collaboratively with HUB Risk Services Division consultants to ensure client needs are met
Consult with clients to understand risk management needs and objectives
Advise clients on best practices in comprehensive cybersecurity risk mitigation and management strategies
Support the implementation of risk management initiatives using generally accepted project management and consulting practices
Support client acquisition and retention activities
Develop and deliver C-Suite, management, and all employee level training sessions for clients as needed
Perform comprehensive cyber risk management program audits and assessments at client sites
Facilitate readiness drills and tabletop exercises at client sites
Develop/manage working relationships with insurance carrier and vendor partners
Provide subject matter awareness content and supporting collateral to HUB sales teams, service teams, and risk service consultants
Respond to requests for proposals regarding consulting opportunities with existing and prospective clients
Develop and deliver national and regional educational webinars in support of HUB marketing efforts
Respond to media requests for interviews and requests to speak at industry events
Contribute to special projects as required
Required Experience
Minimum ten (10) years of progressive experience as a risk/loss control consultant in the insurance brokerage or carrier environments, or as a cyber risk/security manager in industry, or other applicable enterprise security risk management roles
Varied industry experience across real estate, construction, hospitality, manufacturing, financial services, healthcare, and/or transportation industries is desirable
Graduate education in Business Management, Cybersecurity or an applicable field is desired
Risk Management/Loss Control experience in insurance is desirable
Completion of (or progression towards) professional cyber risk/security designations such as CISSP, CISM, CEH, CPP, PSP is desirable
Strong working knowledge of ESRM principles and security related national standards, guidelines, regulations
Experience with initiating and leading the development of an enterprise-wide cybersecurity program
Experience responding to, managing, and resolving breach incidents.
Consulting experience, including leading client engagements.
Experience guiding research to support new/updated methodology and model development for scoring cyber security and risk management maturity
Proven ability to understand and apply cybersecurity concepts including likelihood, probability, frequency, threat, vulnerability, and consequence for IT security issues
Proven ability to provide guidance on building and/or maturing information security programs and the implementation of tools and technologies used for enterprise security
Demonstrated experience in managing incident response engagements, preferably at the enterprise level: technical recovery, legal or compliance notifications, IR plan development, tabletop testing, etc.
Strong understanding of application, database, authentication, and network security principles
Advisory experience in compliance, regulatory, and risk management frameworks (i.e., HIPAA, PCI, NIST)
Excellent organizational, verbal, presentation/facilitation, and written communication skills
Proven analytical and problem-solving skills
Strong project management skills
Public speaking proficiency
Demonstrated attention to detail and accuracy, as well as the ability to work under pressure and consistently meet deadlines
Proficiency with the Microsoft Office suite of applications
Highly motivated with demonstrated ability to work independently with limited supervision
Ability to travel up to 30% in North America and work beyond normally scheduled work hours as necessary