Cyber Risk Specialist

The Cyber Risk Specialist plays a crucial role in conducting risk assessments, analyzing threats and vulnerabilities, and supporting compliance initiatives.

We are The Jamaica National Group Limited, representing a globally respected brand, boldly finding ways to enrich lives and build better communities. Our core values make us who we are and are demonstrated in everything we do; rooted in RESPECT we believe our everyday jobs contribute to something bigger than ourselves. We are dependable and pride ourselves in our authenticity and in the transparent solutions we create that bring value to our customers. 

Join our team as a Cyber Risk Specialist where you'll play a crucial role in conducting risk assessments, analyzing threats and vulnerabilities, and supporting compliance initiatives. Reporting to the Cyber Risk and Assurance Manager, you'll be responsible for supporting the Cyber Risk and Assurance Manager with the oversight of the organization's cyber risk management and assurance portfolio by identifying, assessing, and mitigating cybersecurity risks.

Contract: Permanent

Category: Assistant Manager

Key Responsibilities:

• Perform risk assessments for internal systems, applications, and processes to identify and evaluate potential security risks.
• Analyze threat intelligence to identify potential security risks and vulnerabilities affecting the organization
• Assist in managing the vulnerability management program, including identifying, tracking, and supporting the remediation of vulnerabilities
• Assist in conducting audits and assessments to ensure compliance with cybersecurity frameworks (e.g., ISO 27001, NIST, PCI DSS).
• Collaborate with the SOC team during security incident investigations, providing analysis of potential impacts on the organization’s risk posture.
• Develop and support initiatives to improve organizational awareness of cybersecurity risks and best practices.
• Prepare detailed reports on risk assessments, vulnerability analysis, and compliance activities for stakeholders.

Requirements

• Bachelor’s degree in Information Systems, Information Technology (IT), Computer Science, Risk Management, or related field.
• Minimum of at least 2-4 years of relevant experience or an equivalent combination of education and experience
• Familiarity with risk assessment methodologies, threat analysis, and compliance frameworks
• Knowledgeable of cybersecurity frameworks and compliance standards (e.g., ISO 27001, NIST, CIS, PCI DSS)
• Ability to analyze technical and non-technical data to assess risks and vulnerabilities.
• Preferred certifications such as, but not limited to: Security+, CySA+, ISO 27001 Lead Auditor/Implementor, CEH, CRISC or equivalent
• Excellent communication, problem-solving and report-writing skills
• Ability to work collaboratively with cross-functional teams and with external stakeholders.

SKILLS AND COMPETENCIES

• Excellent Communication & Report Writing – Ability to convey complex cybersecurity concepts clearly to technical and non-technical stakeholders.
• Customer-Oriented Approach – Focused on delivering security solutions that align with business needs.
• Strategic & Analytical Thinking – Strong ability to assess risks, analyze threats, and develop proactive security strategies.
• Technical Proficiency – Expertise in cybersecurity frameworks, risk assessments, and compliance standards.
• Professional Confidence & Integrity – Demonstrates ethical decision-making and reliability in handling sensitive security matters.
• Problem-Solving & Planning – Strong ability to identify risks, develop mitigation strategies, and execute effective solutions.

You are invited to apply for this opportunity to be a part of an organization that values quality service and sound business practices.

CLOSING DATE FOR APPLICATION : FEBRUARY 14, 2025