AIR Worldwide (AIR), a Verisk business, provides risk modeling solutions that make individuals, businesses, and society more resilient to extreme events. In 1987, AIR Worldwide founded the catastrophe modeling industry and today models the risk from natural catastrophes, terrorism, pandemics, casualty catastrophes, and cyber attacks, globally. Insurance, reinsurance, financial, corporate, and government clients rely on AIR’s advanced science, software, and consulting services for catastrophe risk management, insurance-linked securities, site-specific engineering analyses, and agricultural risk management. AIR Worldwide, is headquartered in Boston with additional offices in North America, Europe, and Asia. To learn more about AIR, please visit us at: www.air-worldwide.com. We are proud to be a part of the Verisk family of companies!  

At the heart of what we do is help clients manage risk. Verisk (Nasdaq: VRSK) provides data and insights to our customers in insurance, energy and the financial services markets so they can make faster and more informed decisions.    

 Our global team uses AI, machine learning, automation, and other emerging technologies to collect and analyze billions of records. We provide advanced decision-support to prevent credit, lending, and cyber risks. In addition, we monitor and advise companies on complex global matters such as climate change, catastrophes, and geopolitical issues.    

But why we do our work is what sets us apart. It stems from a commitment to making the world better, safer and stronger.    

It’s the reason Verisk is part of the UN Global Compact sustainability initiative. It’s why we made a commitment to balancing 100 percent of our carbon emissions. It’s the aim of our “returnship” program for experienced professionals rejoining the workforce after time away. And, it’s what drives our annual Innovation Day, where we identify our next first-to-market innovations to solve our customers’ problems.    

At its core, Verisk uses data to minimize risk and maximize value. But far bigger, is why we do what we do.   

At Verisk you can build an exciting career with meaningful work; create positive and lasting impact on business; and find the support, coaching, and training you need to advance your career.  We’ve been recognized by Forbes as a World’s Best Employer and a Best Employer for Women, testaments to our culture of engagement and the value we place on an inclusive and diverse workforce.  

AIR is looking for an Information Security Manager who will be will be responsible for overall management of AIR’s Information Security Management system.  The ISM will develop policies and procedures and work with the infrastructure team to implement controls that ensure compliance to security standards. The ISM should be familiar with a variety of the industry concepts, practices, and procedures and will rely on experience and judgment to plan and accomplish goals. The position requires interaction and presentations to customers, internal stakeholders, and the management team.

The Role:
The ideal candidate will be able to work with stakeholders, including IT, business, product, and software development team members to influence the application dataflow design and extensible product platform architecture. 

The role will perform the following (but not limited to) tasks;

• Provide oversight and monitoring of risk mitigation activities via the coordination of information security management systems and controls.
• Manage the oversight of risk assessments, including but not limited to, vulnerability scanning, penetration testing, and new infrastructure
• Support the sales team with security related content and customer responses
• Identify gaps in existing application security infrastructure to meet project requirements
• Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.
• Analyze and design controls to secure public/private/hybrid cloud deployments 
• Remain current with industry best practices and monitor the legal and regulatory environment for developments that could require changes to established policies, standards and practices.

You should have:

·         Bachelor’s degree in technical field with 10+ years’ experience as a Security Engineering

·         Knowledge and understanding of application or software security such as: web application penetration testing, secure code review, secure static code analysis, and vulnerability remediation 

·         Understanding of the OWASP Top 10 application security risks and how to address them

·         Working knowledge of relevant security regulations such as ISO and SOC2 

·         Strong leadership, motivation and change management skills

#LI-AO1

Verisk Analytics is an equal opportunity employer. 

All members of the Verisk Analytics family of companies are equal opportunity employers. We consider all qualified applicants for employment without regard to race, religion, color, national origin, citizenship, sex, gender identity and/or expression, sexual orientation, veteran's status, age or disability. 

http://www.verisk.com/careers.html 

Unsolicited resumes sent to Verisk, including unsolicited resumes sent to a Verisk business mailing address, fax machine or email address, or directly to Verisk employees, will be considered Verisk property. Verisk will NOT pay a fee for any placement resulting from the receipt of an unsolicited resume.  

Consumer Privacy Notice