You desire impactful work.
 

You’re RGA ready

RGA is a purpose-driven organization working to solve today’s challenges through innovation and collaboration. A Fortune 200 Company and listed among its World’s Most Admired Companies, we’re the only global reinsurance company to focus primarily on life- and health-related solutions. Join our multinational team of intelligent, motivated, and collaborative people, and help us make financial protection accessible to all.

The Senior Security Risk Analyst will be responsible for identifying, assessing, reporting, and monitoring security risks across RGA’s enterprise security and business functions. This role involves collaborating with various departments to ensure compliance with security policies and standards, while additionally recommending security measures to protect RGA’s assets from potential threats.

Principal Duties

• Conduct comprehensive security risk assessments of enterprise systems and processes, as well as provide recommendations for risk mitigation.

• Review, analyze, and provide recommendations for policy, standard, and baseline configuration exceptions.

• Perform vendor risk assessments to include inherent & residual risk identification, analysis, and mitigation, and additionally track risk remediation to completion.

• Provide recommendations for vendor contractual requirements stemming from vendor risk assessment outcomes.

• Serve as a project security advisor including risk analysis gate checks in the secure SDLC process.

• Conduct thorough threat modeling exercises to identify potential security vulnerabilities and risks.

• Stay current on security trends, threats, and best practices to continuously improve the organization's security posture.

• Perform other duties as assigned.

Education

• Required: Bachelor’s degree or equivalent experience

• Preferred: Master’s degree and/or LOMA certification

Required Experience, Abilities, and Skills

• 5-8 years of IT security, privacy, audit, controls and regulatory compliance, or related experience.

• Experience conducting risk assessments aligned with industry standard frameworks & standards.

• Advanced understanding of IT domains: infrastructure, networking, storage, databases, operating systems, cloud, applications, etc.

• Strong understanding of security technologies and domains, including: SSO, IAM, DLP, EDR, SIEM, firewalls, gateways, IDS/IPS, CASB, antivirus, SSDLC, cryptography, PKI, etc.

• Knowledge of risk and control frameworks/standards (e.g., NIST CSF, NIST 800-53, ISO/IEC 27001, NIST 800-30, ISO/IEC 27005, etc.).

• Oral and written communication skills, demonstrating the ability to convey complex technical and security concepts and terminology to non-technical stakeholders.

• Ability to manage multiple projects/tasks simultaneously, including the ability to delegate key areas of responsibility.

• Ability to successfully liaise with individuals across a wide variety of operational, functional, and technical disciplines.

• Excellent analytical, problem-solving, and critical-thinking skills.

Preferred Experience, Abilities, and Skills

• 2+ years leadership role experience

• Insurance/Reinsurance industry knowledge/experience

• Information security, compliance, risk, or audit professional certifications, such as: CISSP, CISA, CISM, CGEIT, CRISC, CPA, OSCP, CCSP, CCSK

• Project management skills/experience

Preferred Technical Experience

• Cloud risk assessment experience (e.g., AWS, Azure, Google Cloud, etc.)

• Cyber Risk Quantification (CRQ) experience (e.g., FAIR)

• Automation experience: Python, REST API, PowerShell, etc.

• Previous experience as a Systems Administrator, IT Auditor, Developer, Security Engineer, Penetration Tester, Cloud Engineer

#LI-CW1

#LI-Remote

What you can expect from RGA:

• Gain valuable knowledge from and experience with diverse, caring colleagues around the world.

• Enjoy a respectful, welcoming environment that fosters individuality and encourages pioneering thought.

• Join the bright and creative minds of RGA, and experience vast, endless career potential.

We’re excited to get to know you and connect your unique skills with our global opportunities. To create a modern and seamless experience, we use artificial intelligence (AI) in parts of our preliminary screening process. This technology helps us personalize job recommendations, automate interview scheduling, evaluate candidates based solely on experience—without considering name, gender, or other personal details—and provide real-time answers through our chatbot. AI is used only during early screening and never makes hiring decisions. Your RGA recruiter will work closely with you every step of the way to ensure the process feels personal, thoughtful, and focused on you.

Compensation Range:

$89,310.00 - $134,870.00 Annual

Base pay varies depending on job-related knowledge, skills, experience and market location. In addition, RGA provides an annual bonus plan that includes all roles and some positions are eligible for participation in our long-term equity incentive plan. RGA also maintains a full range of health, retirement, and other employee benefits.

RGA is an equal opportunity employer. Qualified applicants will be considered without regard to race, color, age, gender identity or expression, sex, disability, veteran status, religion, national origin, or any other characteristic protected by applicable equal employment opportunity laws.