Geminia Insurance Company Limited
Develop and implement the information security strategy for Geminia Insurance Company.
Oversee the security of both cloud and on-premises environments, ensuring robust cybersecurity measures, data privacy compliance, and effective risk management frameworks are in place.
Serve as the focal point for all cybersecurity-related engagements and initiatives.
Ensure compliance with applicable data protection and privacy regulations, including GDPR and relevant local insurance regulatory frameworks.
Establish and maintain cybersecurity risk management programs to assess, mitigate, and monitor risks across cloud and on-premises environments.
Monitor security risks and ensure proper documentation, reporting, and remediation plans are in place.
Lead security audits, assessments, and regulatory reporting for internal stakeholders and oversight bodies.
Design, implement, and maintain enterprise security architecture and infrastructure security controls.
Implement and enforce best practices for identity and access management, network security, encryption, endpoint protection, and cloud security.
Develop, maintain, and test the cybersecurity incident response framework to ensure rapid detection, containment, and resolution of security incidents.
Establish a proactive threat intelligence capability to detect, respond to, and mitigate emerging cyber threats.
Conduct vulnerability assessments, penetration testing, and security reviews to continuously improve the organization's security posture.
Provide cybersecurity oversight for third-party vendors and partners, including security due diligence and risk assessments.
Lead staff security awareness and training programs to promote strong cyber hygiene and compliance with security best practices.
Evaluate and implement advanced security technologies and frameworks to strengthen the organization's cybersecurity capabilities.
Advise management on cyber risk trends, vulnerabilities, and mitigation priorities.