At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.
The Enterprise Information Risk and Cybersecurity (EIRC) department is growing, and we are looking for a Lead Product Manager for our Cyber and Information Risk Quantification team. The Risk Analytics Program in EIRC is charged with building a clear risk-strategy connection based on reliable, high-quality data to correlate Security metrics and insights with our risk appetite and tolerances resulting in value-driven IT risk management decisions.
The Lead Product Manager for Cyber and Information Risk Quantification will be accountable for the delivery of annualized loss exposure estimates derived from Cyber and Information risk scenarios based on the FAIR Controls Analytics Model (FAIR-CAM)TM. You will lead a diverse, multi-disciplinary team of data scientists, risk analytics professionals, and data engineers to build data products and analytical solutions that drive value-based decision-making about IT risks. You will have broad visibility and impact on both qualitative and quantitative methods used to assess IT Risks in our enterprise, and you will be a key liaison for our Risk Data Platform, Security Metrics & Insights, Behavioral Analytics, and other partner teams. Come join us and let’s realize the vision for our Risk Analytics Program together: Unify actions and decisions around our most critical IT risks and strengthen the security ecosystem through orchestration of metrics and insights driven by integrated risk data and a scalable data platform.
What's the role?
- Leads as Technical Product Owner and works with a multi-disciplinary team of data engineers, risk analytics professionals, and data scientists in an Agile environment.
- Defines a product vision and strategy for the delivery of actionable cyber and IT risk quantifications using FAIR-CAMTM.
- Provides thought-leadership and mentorship on how to establish cohesive connections between quantitative and qualitative data analysis results across the security domain.
- Accountable for defining a roadmap for the integration of the technical products into our cyber transformation strategy in collaboration with key partners from affiliated security organizations.
- Builds and validates use cases, epics, features, and user stories around an analytics product and communicates them effectively.
- Develops and maintains a prioritized backlog of user stories for implementation according to business value.
- Creates and produces insights on our annualized loss exposure based on quantitative cyber and IT risk scenario analyses leveraging data and metrics from Threat Intelligence, Asset Portfolio Management, Controls Effectiveness, and others.
- Accountable for gathering technical and functional requirements that the risk quantification team translates into estimates of frequency and magnitude of loss from cyber and IT risks.
- Provides consultation to business clients and senior leadership, applies new perspectives, solves problems creatively, and builds inter-departmental connections with business and technical leaders to improve analytical capabilities and risk data literacy.
- Solves unique problems with broad impact on the business; requires conceptual and innovative thinking to develop solutions.
- Offers consultations on value-driven decision-making based on cyber and IT risk quantification results using FAIR-CAMTM.
- Supports control mapping to risks and associated information risk frameworks.
- Acts as a trusted advisor for cyber and IT risk quantification across the enterprise.
- Must have at least 2 years of experience leading complex, cross-functional work, strong communication and data literacy skills, time management, business acuity and high self-awareness/EQ.
- Bachelor's degree in Business, Data Science, Operations Research, Statistics, MIS or related field.
- 6-8 years of dynamic experience in research and data analysis, application of statistical research techniques, and application development that supports business decisions and strategic outcomes.
Preferred experience and professional certifications:
- One or more advanced risk or cybersecurity certifications (e.g. CRISC, CISA, CISM, CCSP, CISSP, Open Group FAIR).
- Defined and operated processes to provide quantitative analysis of risk, to include the calculation of probability and financial impact of potential loss events into our risk management framework, and to prioritize risk mitigation activities based upon calculated return on investment and the organization's established risk tolerances.
- Understanding of Integrated Risk Management, Cybersecurity, and Data Privacy.
- Statistical programming and data mining experience using R or Python.
- Experience with cloud technologies such as AWS, MS Azure, Google Analytics.
- Scrum/SAFe Product Management or Product Owner certification.
- Highly competitive compensation, including annual bonus opportunities
- Medical/Dental/Vision plans, matching 401(k), pension program
- Tuition reimbursement, commuter plans, and paid time off
- Extensive Professional Training Opportunities
- Excellent Work/Life Balance
- Hackathons/Dedication to Innovation.
Grow your career with an outstanding company that puts our client’s interests at the center of all we do. Get started now! .
This job is not covered by the existing Collective Bargaining Agreement.
Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now!
We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.
If you work or would be working in Colorado or outside of a Corporate location, please click here for information pertaining to compensation and benefits.
FIND YOUR FUTURE
We’re excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.
Flexible work schedules
Employee resource groups