Company Details

Berkley Technology Services (BTS) is the dynamic technology solution for W. R. Berkley Corporation, a Fortune 500 Commercial Lines Insurance Company. With key locations in Urbandale, IA and Wilmington, DE, BTS provides innovative and customer-focused IT solutions to the majority of WRBC’s 60 operating units across the globe. BTS’s wide reach ensures that ideas and opinions are considered at every level of the organization to guarantee we find the best solutions possible.

Driven by a commitment to collaboration, BTS acts as consultants to our customers and Operating Units by providing comprehensive solutions that not only address the challenge at hand, but proactively plan for the “What’s Next” in our industry and beyond.

With a culture centered on innovation and entrepreneurial spirit, BTS stands as a community of technology leaders with eyes toward the future -- leaders who truly care about growing not only their team members, but themselves, and take pride in their employees who shine. BTS offers endless ways to get involved and have the chance to grow your career into a wide range of roles you'd never known existed. Come join us as we push forward into the future of industry leading technological solutions.

Berkley Technology Services: Right Team, Right Technology, Simple and Secure.

Responsibilities

The Manager, Information Security and GRC Metrics reports to the Vice President of IT GRC and is located in either Urbandale, Iowa, Wilmington, Delaware, or remote would be available for the right candidate. This is an exciting role for a dynamic GRC leader dedicated to leading a global Fortune 400 (W.R. Berkley) Governance Risk and Compliance program’s operational activities. This role may be filled at the Director level based on the one’s ability to be a thought-leader, highly qualified subject matter expert, and hands-on professional with the experience and know-how needed to guide and accelerate their respective programs. This new and pivotal position entails overseeing the development, implementation, and management of a robust metrics frameworks aimed at evaluating the efficacy of our organization's controls and help portray a risk-based view into our information security and information technology programs. The successful Manager, Information Security and GRC Metrics will play a pivotal role in shaping the overall metrics strategy, driving continuous improvement, and fostering a culture of accountability and excellence. Operational work within the GRC function may be required on occasion to better learn some of the operational components of the team and/or to assist on more complex projects.

• Provide strategic direction and leadership in the development and execution of our metrics initiatives, aligning them with organizational objectives and industry best practices.
• Design and establish comprehensive metrics frameworks to quantitatively assess the performance and impact of controls and risks across the organization.
• Collaborate with senior leadership, executive management, and key stakeholders to understand their information needs, communicate the value of metrics, and ensure alignment with business priorities.
• Leverage data analytics techniques to collect, analyze, and derive actionable insights from our metrics to further enable informed decision-making and risk mitigation strategies.
• Produce regular and ad-hoc reports on metrics, presenting findings in a clear, concise manner to diverse audiences, including board members, organizational leadership, and operational teams.
• Continuously evaluate and refine the metrics framework based on feedback, industry trends, and emerging threats, driving a culture of continuous improvement and innovation.
• Stay abreast of relevant regulatory requirements, industry standards, and emerging trends.
• Lead the overall metrics program and work across the organization to demonstrate the value of metrics and influence team members to contribute and participate in data collection efforts. Development a communication strategy around the benefits and opportunities for a strong metrics program.
• Assist and contribute to GRC projects and tasks - including but not limited to compliance assessments, risk assessments, and issues management.

Qualifications

• Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) highly desirable.
• Bachelor's degree in Information Security, Business Administration, Computer Science, or a related field. Advanced degree (e.g., MBA, MS) preferred
• Proven track record of at least 5-8 years of progressive experience in information security and/or GRC, with core responsibilities focused on metrics development, implementation, and management during that time.
• Deep understanding of Information Security and GRC principles, frameworks (e.g., NIST Cybersecurity Framework, ISO 27001), and regulatory requirements (e.g., NYDFS, CCPA/GDPR, SOX).
• Exceptional leadership and communication skills, with the ability to inspire and influence cross-functional teams and senior stakeholders.
• Strong analytical mindset, with proficiency in data analysis tools (e.g., Excel, Power BI, Tableau) and experience in translating complex data into actionable insights, including automated monitoring.
• Demonstrated ability to thrive in a fast-paced, dynamic environment, managing competing priorities and driving results through collaboration and teamwork.