The Baldwin Group

Compensation

Full Description

Why MSI? We thrive on solving challenges. As a leading MGA, MSI combines deep underwriting expertise with insurer and reinsurer risk capacity to create specialized insurance solutions that empower distribution partners to meet customers’ unique needs. We have a passion for crafting solutions for the important risks facing individuals and businesses. We offer an expanding suite of products – from fully-digital embedded renters coverage to high-value homeowners insurance to sophisticated commercial coverages, such as cyber liability and habitational property – delivered through agents, brokers, wholesalers and other brand partners. Our partners and customers count on us to deliver exceptional service through a dedicated team that makes rapid resolutions a priority. We simplify the insurance experience through our advanced technology platform that supports every phase of the policy lifecycle. Bring on your challenges and let us show you how we build insurance better. Position Summary: The Cyber Risk and Security Controls Analyst will be responsible for conducting cyber risk assessments and continuously monitoring security risks and controls across MSI's global environment. This role will collaborate with audit teams and other stakeholders to ensure the effectiveness of security controls and compliance with internal policies and external regulations. Principal Responsibilities: Perform cyber risk assessments and identify security gaps. Oversee the execution of the cyber risk program, ensuring that all initiatives are effectively implemented and aligned with organizational goals. Monitor and report on the effectiveness of security controls. Collaborate with audit teams to support internal and external audits. Support management in advancing the maturity of the organization's security environment by identifying gaps, recommending enhancements, and aligning controls with evolving risk landscapes and industry standards. Document security processes and procedures for IT and non-IT staff. Stay current with cybersecurity trends and provide recommendations for enhancements. Knowledge, Skills, and Abilities: Degree or diploma in a Computer Sciences program and/or related industry experience Experience with IAM processes and procedures. Knowledge of cloud hosting solutions emphasis in Microsoft Azure preferred Knowledge of security tools such as Zilla, Entra, and Sentinel Strong technical and analytical skills. Excellent verbal and written communication skills Must have excellent communication skills (both verbal and written) Ability to document data flows and network diagram Security+ or other foundational level security certifications preferred Must have ability to collaborate and solve difficult problems, combining the ability to prioritize and function well in a dynamic environment Ingrained sense of accountability and ownership Continuous drive for learning, pushing technical limits, and finding new solutions Understanding of GRC: Familiarity with governance, risk, and compliance frameworks and regulations emphasis is SOX, NYDFS, and SOC II Type 2 preferred (e.g., NIST, ISO). Special Working Conditions: Fast-paced environment Must be able to interact effectively with various levels of management Must be able to adapt and implement new control procedures as necessary Remote work capability with secure and reliable internet connection Technical, Computer, And System-Specific Skills Required: Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint, Outlook) Ability to learn any other appropriate program or software system used by the firm as necessary Proficiency in Microsoft Office Suite: Expert level in Microsoft Word for document creation, formatting, and template management. Document Management Systems: Experience with SharePoint, or similar platforms for document storage, collaboration, and version control. Experience with GRC tools General IT Knowledge: Familiarity with common IT concepts such as server administration, networking protocols (TCP/IP), cloud services (AWS, Azure), and database systems. Cybersecurity Tools: Basic understanding of tools used for vulnerability scanning, security information and event management (SIEM), and identity and access management (IAM). #LI-JW2 #LI-REMOTE Click here for some insight into our culture! The Baldwin Group will not accept unsolicited resumes from any source other than directly from a candidate who applies on our career site. Any unsolicited resumes sent to The Baldwin Group, including unsolicited resumes sent via any source from an Agency, will not be considered and are not subject to any fees for any placement resulting from the receipt of an unsolicited resume. The Baldwin Group (previously Baldwin Risk Partners) is a cohesive group of experts in business insurance, employee benefits, retirement planning, and all areas of private and personal insurance. Since 2011, we’ve evolved from a local business into a national firm with a vast network of specializations serving two million clients across the country. At The Baldwin Group, we provide solutions so our clients can pursue what’s possible for themselves, their families, and their businesses. Whether renting a first apartment, opening a small business or taking a company public, we offer solutions to support clients at every step of their journey giving them peace of mind to pursue their purpose, passion, and dreams. We Protect the Possible. The Baldwin Group is an equal employment opportunity firm and strives to comply with all laws prohibiting discrimination based on race, color, religion, age, sex (including sexual orientation and gender identity), national origin or ancestry, disability, military status, marital status, and any other category protected by federal, state, or local laws. All such discrimination is unlawful, and all persons involved in the operations of the firm are prohibited from engaging in this conduct.