Digital Risk Advisor III

About Swiss Re

Swiss Re is one of the world’s leading providers of reinsurance, insurance, and other forms of insurance-based risk transfer. We combine experience with innovation to build solutions that make the world more resilient. At Swiss Re, you will find a flexible, multicultural, and inclusive working environment where people are encouraged to develop and grow.

About the Role

As a Third Party Cyber Risk Adivisor, you will be part of our global Third Party Cyber Risk Advisor service. You will contribute to reducing Swiss Re’s supply chain cyber exposure by assessing, monitoring, and supporting the remediation of risks associated with third-party relationships. You will work closely with business owners, procurement, legal, and security stakeholders to ensure Swiss Re’s security, resilience, regulatory compliance, and alignment with industry best practices.

You will

• Conduct cyber due diligence and monitoring of third parties at onboarding, during service, and at exit.
• Identify and assess risks, propose remediation measures, and coordinate mitigation activities with stakeholders.
• Maintain transparency of third-party risk posture and provide clear, business-oriented communication to decision makers.
• Define and communicate security requirements to third parties, and negotiate contractual obligations to safeguard Swiss Re’s interests.
• Support the preparation of risk reporting, dashboards, and audit responses.
• Collaborate with the Cyber Defense team in handling third-party related security incidents.
• Contribute to the continuous improvement of the TPCRM framework, methodology, and tools.

About the Team

You will join Security Services under the Chief Security Officer (CSO) organization. Our mission is to keep Swiss Re’s cyber and resilience risks within agreed tolerance levels while enabling the business. You will collaborate with colleagues across India and globally, working in a diverse and supportive team culture.

About You

• 2–4 years of professional experience in one or more of the following: Third Party Risk Management, outsourcing/vendor risk, IT or cyber risk, data protection, procurement and contract management, or information security.
• Good understanding of security standards and frameworks (ISO 27000 series, NIST, SOC2, ISAE 3000, etc.).
• Awareness of regulatory requirements relevant to third-party management and cyber risk.
• Experience in project management, ideally with ability to coordinate and lead cross-team initiatives.
• Proven skills in risk management, risk analysis, and risk mitigation activities.
• Strong communication and stakeholder engagement skills; able to explain technical risks in clear business language.
• Self-driven, adaptable, and able to deliver quality results in a dynamic environment.
• Bachelor’s degree in Information Security, IT, Law, Business, or a related field.
• Proficient in English (written and spoken).