Jr. Information Systems Analyst

Odyssey Reinsurance Company (OdysseyRe) is the global reinsurance arm of Odyssey Group, one of the world’s leading providers of reinsurance and specialty insurance. OdysseyRe offers a broad range of property, casualty, and specialty reinsurance products, providing capital and risk management solutions for clients to efficiently manage economic risk through a network of branch and representative offices across North America, Latin America, EMEA (Europe, Middle East & Africa), AsiaPacific and London.

OdysseyRe is an equal opportunity employer with excellent benefits and a strong commitment to providing training and opportunities for our staff. We provide employees an innovative, enriching environment and take great pride in their career growth.

OdysseyRe is rated A+ (Superior) by AM Best and A+ (Strong) by Standard and Poor’s. Odyssey Group is a subsidiary of Fairfax Financial Holdings Limited, which is traded on the Toronto Stock Exchange under the symbol FFH.

The Junior information systems (IS) analyst serves as a trusted advisor when assessing internal systems and controls, and is a key point of contact with external examiners. The Jr IS Analyst works under general supervision alongside compliance and risk teams to identify and verify risks to systems and data, and ensure teams are cognizant of any deficiencies and working toward addressing findings and recommendations. An Jr IS Analyst understands security risks and technologies and is able to effectively communicate them to business units. In addition, the Jr IS Analyst evaluates risk according to best practices, as well as compliance mandates, and provides detailed reports from assessments. When external examiners conduct engagements, the Jr IS Analyst is a primary point of contact and facilitator to ensure teams are abiding by safe computing and administrative procedures.   

In this position, the Jr IS Analyst will regularly review, evaluate and verify controls, and then document and report based on the state of the engagements. The Jr IS Analyst uses key risk indicators and IT general controls (ITGC) when assessing system design, data privileges/access and the entire supply chain related to a business system. The results and reports are shared with Cybersecurity GRC and risk teams, independent committees and leadership responsible for the audit outcomes. Jr IS Analysts also follow up and verify appropriate actions have taken place, especially when risk is excessive, and an organization is at risk or out of compliance.  

Essential Job Duties 
 

• Maintain and support external audit and Cybersecurity GRC department practices and processes with detailed reporting and accompanying technology recommendations. 

• Serve as part of a team of analysts to confirm a rigorous audit program focusing on ITGC and key risk indicators across the business. 

• Work closely with security leadership to ensure cybersecurity and audit policies and practices as defined in global and industry standards are aligned with an appropriate level of risk. 

• Retain expertise in one or more compliance standards, including but not limited to Sarbanes-Oxley Act (SOX), Payment Card Industry (PCI), Center for Internet Security (CIS) National Institute of Standards and Technology (NIST) and International Standards Organization (ISO) 27001. 

• Be actively informed and engaged in upcoming and completed security projects across the business.  

• Foster strong relationships with internal business units and excel in risk management, technical controls and cybersecurity communication.  

• Engage with critical third parties and validate adequate controls are in place. 

• Uncover, validate and document deficiencies in risk management, technology and cybersecurity practices. 

• Serve as a point of contact and liaison with external examiners for assessments throughout the year and at end-of-year evaluations. 

• Openly support the management team and executive leadership, even during tumultuous times. 

Skills and Experience 

• At least 2-years’ IT or cybersecurity experience (or IT coupled with cybersecurity), with at least 1 year in an operationally focused IT or security compliance role.  

• Strong written and verbal communication skills across all levels of the organization. 

• Skilled at working with diverse teams and promoting enterprise-wide risk management rigor and security-first culture. 

• A moderate or high level of expertise using the Microsoft Office suite of applications (specifically excel.) 

• Project management, multitasking and organizational skills. 

• Ability to preserves credibility with the team through sustained industry knowledge.  

• Applicable knowledgeable with national and global cybersecurity policies, regulations and security frameworks. 

• Demonstrated understanding and comprehension of a wide range of compliance and technology frameworks. 

Additional Qualifications 

• Proven trustworthiness and history of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating well. 

• General business administration competencies.  

• Excellence in communicating privacy, business risk and remediation requirements from assessments. 

• Highly organized and efficient. 

Education Requirements 

• Bachelor's degree in computer science, information assurance, or related technical field or business administration preferred, but not required. 

Certification Requirements 

• CISA highly recommended, but not required.   

We are an E-Verify employer - all hired positions require successfully passing an E-Verify Check.  

Navigate the links below to learn more about careers at OdysseyRe.

Workplace Initiatives

Career Areas for Professionals

A Rewarding Workplace

Follow us on LinkedIn for company highlights