Consultant, Cyber Technology Risk Professional

If you’re passionate about innovation and love working in an environment where you can constantly improve and adopt new technologies to drive business results, then Nationwide’s Information Technology team could be the place for you! At Nationwide®, “on your side” goes beyond just words. Our customers are at the center of everything we do and we’re looking for associates who are passionate about delivering extraordinary care.

Consultant, Cyber Technology Professional on the Continuity Management (CM) team must possess specific skills and qualifications. This role requires strong critical thinking abilities to analyze complex problems and develop innovative solutions. The individual must be adept at influencing others, effectively persuading and motivating stakeholders at all levels. This role will be accountable for driving increased communication and collaboration with teams such as Technology Operations, Architecture, and contingency planners within the business.  Managing ambiguity is crucial, as the role involves navigating and making decisions with limited information. The consultant must understand and optimize end-to-end processes, considering their impact on stakeholders and other teams. Clear and effective communication is essential to ensure transparency and understanding. 

 

Required skills include proven experience in problem-solving within a cyber technology context, strong written and verbal communication skills, the ability to influence and build relationships, and an understanding of end-to-end processes. Preferred qualifications include experience in continuity management or a related field, advanced critical thinking and analytical skills, and demonstrated ability to lead and influence cross-functional teams. 

 

Success in this role will be measured by the ability to effectively manage continuity processes, influence others, including business partners and stakeholders, and improve end-to-end processes.  

Compensation grade G5

Job Description Summary

If you’re enthusiastic about delivering secure technology solutions to support a company providing extraordinary care to its customers, then Nationwide Technology is the place for you. Nationwide's industry-leading technology workforce embraces an agile work environment and a collaborative culture to deliver outstanding solutions and results. If that sounds like something you aspire to, we want to hear from you!

As a Cyber Technology Risk Professional, you'll be entrusted to protect Nationwide. You'll identify issues and develop solutions for cyber security problems. You'll assess, report, and manage cyber risk through constant interaction with our technology and business partners. You'll gain an understanding of leading-edge technologies that play a key part in keeping Nationwide safe in our increasingly threatening world. You'll also help to build long-term relationships with potential Nationwide partners by providing up-to-date information on our Information Security Practices and thereby differentiating ourselves from our competitors by ensuring Nationwide is resilient in an ever-changing world and can meet, and exceed, its regulatory obligations while protecting our customers and business partners.

Job Description

Key Responsibilities:   

• Improves the risk posture pertaining to confidentiality, availability, and integrity of assigned area by identifying, documenting, and communicating cyber risks; by demonstrating a continuous learning mindset. 

• Manages the development and delivery of key risk metrics. 

• Responsible for applying secure software and systems engineering practices throughout the delivery lifecycle to ensure our data and technology solutions are protected from threats and vulnerabilities. 

• Understands current risk posture of portfolio (including regulatory and compliance), establishes priorities, communicates risk issue mitigation plan development, decisions, and recommendations, and closes risk issues on time. 

• Integrates technology risk practices to reduce/minimize business risk. 

• Compliance: Consults with external regulators to respond to inquiries, audits, and programs properly and accurately. Partners on compliance risks for internal and external regulatory audits, programs, and assigned tasks. Continuously matures compliance capabilities. Identifies and resolves policy compliance discrepancies. Manages the response to Request for Proposal (RFP), Request for Information (RFI), and Diligence inquiries. 

• Risk Partner: Completes moderate to complex risk assignments on time, achieving set milestones. Performs and tracks moderate consulting efforts to enhances cyber posture. Continuously matures security posture. Facilitates the adoption of IRM capability efforts within assigned area. Advances application and cloud security to counteract evolving cyber threats. Partners with Cyber Security Operations Center (CSOC) to manage Incident Response and Privacy within designated area. 

• Continuity: Performs Business Impact Analysis to identify enterprise-critical processes. Collaborates with peers and partners to develop test plans and strategies, monitor exercises, and communicate results. Establishes a crisis management response and fosters leader relationships. Provides thought leadership to advance continuity and resiliency capabilities and guide risk mitigation incorporating current and new emerging technology and continuity best practices. 

May perform other responsibilities as assigned. 

 

Reporting Relationships: Reports to Manager, Risk Leader or above. 

 

Typical Skills and Experiences:   

 

Education: Undergraduate studies in cyber security, management information systems, engineering, math, computer science, data analytics or comparable experience and education strongly preferred. Graduate studies in cyber security, computer science or a related field are a plus. 

 

License/Certification/Designation: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Business Continuity Professional (CBCP) or another cyber certification preferred. 

 

Experience: Typically, six years of experience in one or more information risk management capabilities and/or information audit systems. Four years of experience in Technology. 

 

Knowledge, Abilities and Skills: Ability to make decisions and recommendations. Aptitude to influence, build relationships and set priorities. Excellent oral and written communication skills to interact with all levels of associates, senior management and/or vendors. Insurance and/or financial services industry knowledge a plus. 

 

Other criteria, including leadership skills, competencies and experiences may take precedence.  

 

Staffing exceptions to the above must be approved by the hiring manager’s leader and Human Resource Business Partner. 

 

Values: Regularly and consistently demonstrates Nationwide Values. 

 

Job Conditions:   

 

Overtime Eligibility: Exempt (Not Eligible) 

 

Working Conditions: Hybrid to normal office environment.  

  

ADA: The above statements cover what are generally believed to be principal and essential functions of this job. Specific circumstances may allow or require some people assigned to the job to perform a somewhat different combination of duties.  

Benefits

We have an array of benefits to fit your needs, including: medical/dental/vision, life insurance, short and long term disability coverage, paid time off with newly hired associates receiving a minimum of 18 days paid time off each full calendar year pro-rated quarterly based on hire date, nine paid holidays, 8 hours of Lifetime paid time off, 8 hours of Unity Day paid time off, 401(k) with company match, company-paid pension plan, business casual attire, and more. To learn more about the benefits we offer, click here.

Nationwide is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive culture where everyone feels challenged, appreciated, respected and engaged. Nationwide prohibits discrimination and harassment and affords equal employment opportunities to employees and applicants without regard to any characteristic (or classification) protected by applicable law.