Willis Towers Watson

Cyber Risk Consultant - Risk & Analytics

Posted on Oct 29 New York, NY 118 views

This role is an exciting opportunity to join WTW’s Risk & Analytics team in a high growth and strategically important practice. Organizations are struggling to understand and measure their cyber risk in a manner that is easily explainable to non-cyber experts including Risk Mangers and Senior Executives. The team brings clarity to these situations by helping clients form a risk strategy including measuring the return on mitigating actions and insurance purchasing.

This role sits within the broader Risk & Analytics team, a global, cross-disciplinary consulting team which includes actuaries, data scientists, accountants, attorneys, and more. Risk & Analytics is part of the Risk & Broking Segment, a risk and insurance advisory and broking business.

The Cyber Risk Consultant is responsible for selling, leading, and delivering cyber risk engagements. The projects can include standalone projects, part of insurance brokerage, or part of a broader analytical project. In all cases, the Candidate is responsible for the execution and success of the engagement.

The Candidate must have the technical acumen to guide security experts, such as CISOs or their direct reports, to clarify the vulnerabilities facing the organization, understand the control environment, and assess alignment of security initiatives with business strategy. The Candidate must be capable of defining custom cyber event scenarios that exploit vulnerabilities identified and identifying relevant breach and network outage financial impacts. The Candidate will utilize WTW’s proprietary cyber risk quantification technology platform, Cyber Quantified. The Candidate will assist in shaping the investment and direction of this application and the model underpinning it. The Candidate is responsible for product development and project delivery.

Note: Employment-based non-immigrant visa sponsorship and/or assistance is not offered for this specific job opportunity.

The Role

  • Demonstrate subject matter expertise in information security core areas to provide technical and strategic advice to clients

  • Analyze client/prospect business environment, control environment to understand vulnerabilities; includes interview of relevant client representatives to garner their understanding of organization security control vulnerabilities

  • Develop custom scenarios to address client vulnerabilities identified and deemed relevant

  • Work with client stakeholders, including IT, Security and Finance/Risk constituents, to review custom scenarios and refine them. Stakeholders must feel comfortable backing those custom scenarios developed as input to quantification of their cyber risk.

  • Work with the client to identify relevant mitigating actions for control weaknesses identified and assist the client in prioritizing those mitigating actions in alignment with the manner in which those actions support security and business strategy

  • Utilize cyber risk quantification and other security data to analyze client security, using a combination of outside-in and inside-out indicators

  • Articulate cyber risk quantification needs by framing current process by which cyber risk mitigation, control posture, cyber risk exposure and insurance strategies occur and how it can be improved utilizing the Cyber Quantified technology platform and related tools.

  • Develop and deliver required engagement presentations, leading the client through approach, results and recommendations, inspiring confidence in client representatives that requisite business, technology and security is present and in has influenced the message being deliver.

  • Translate business problems into strategic and cost-effective technology solution alternatives.

  • Leverage broad IT knowledge and consultative skills to garner trust with the client team in assessing their control environment and developing relevant scenarios

  • Develop contextual and deep knowledge of the client business(es) engaged and the knowledge to provide context for cyber risk decision-making.

  • Collaborate with actuaries and modeling experts

  • Participate in special projects and performs other duties as assigned.

The Requirements

  • Minimum of five (5) years related work experience in Information Technology / Security
  • Prefer a minimum of three (3) years related work experience in Consulting
  • Prefer a minimum of three (3) years related work experience in utilizing critical enterprise SaaS products
  • Experience in cyber controls assessments/reviews
  • Strong Excel Skills: experience with R, Python, SQL is a plus
  • Analytical thinking and problem solving
  • Detail oriented and capable of delivering a high-level of accuracy
  • Ability to analyze business overviews, annual reports as well as very detailed monitoring and incident output to enable strong recommendations to the client
  • Stakeholder presentation skills
  • Strong organizational skills
  • Interpersonal and consultative skills
  • Understanding of networks, databases, and other technology
  • Understanding of cyber controls
  • Ability to define mitigating actions to address cyber control weaknesses
  • Strong written and verbal communication skills
  • Experience in working with cyber quantification software. cyber rating software and threat intelligence
  • Exceptional Business Development skills/contacts - Big 4 experience as a Management Consultant

Compensation and Benefits

Base salary range and benefits information for this position are being included in accordance with requirements of various state/local pay transparency legislation. Please note that base salaries may vary for different individuals in the same role based on several factors, including but not limited to location of the role, individual competencies, education/professional certifications, qualifications/experience, performance in the role and potential for revenue generation (Producer roles only).


The base salary compensation range being offered for this role is $100,000 - $175,000 USD. This role is also eligible for an annual short-term incentive bonus.

Company Benefits

WTW provides a competitive benefit package which includes the following (eligibility requirements apply):

  • Health and Welfare Benefits:

    Medical (including prescription coverage), Dental, Vision, Health Savings Account, Commuter Account, Health Care and Dependent Care Flexible Spending Accounts, Group Accident, Group Critical Illness, Life Insurance, AD&D, Group Legal, Identify Theft Protection, Wellbeing Program and Work/Life Resources (including Employee Assistance Program)
  • Leave Benefits:

    Paid Holidays, Annual Paid Time Off (includes paid state/local paid leave where required), Short-Term Disability, Long-Term Disability, Other Leaves (e.g., Bereavement, FMLA, ADA, Jury Duty, Military Leave, and Parental and Adoption Leave), Paid Time Off (Washington State only)
  • Retirement Benefits:

    Contributory Pension Plan and Savings Plan (401k). All Level 38 and more senior roles may also be eligible for non-qualified Deferred Compensation and Deferred Savings Plans. If Level 38 or more senior role is in Washington State, you must add the retirement benefits paragraph to the job description. Please note: Producer Sales roles are not currently eligible for the WTW Pension Plan.

EOE, including disability/vets

More From Willis Towers Watson

Human Resources Generalist - Florida Markets

Posted on May 25 Tampa, FL 494 Views

Summer Intern

Posted on Jan 5 Fort Lee, NJ 422 Views

Early Careers: Pension Outsourcing Benefits Internship – Summer 2024 - Multiple locations

Posted on Jan 5 Detroit, MI 527 Views

Senior Associate FINEX Broker

Posted on Sep 18 Los Angeles, CA 400 Views

Health and Benefits Associate Director

Posted on Oct 19 Minneapolis, MN 456 Views

Related Job Listings

Willis Towers Watson

Valuation Analyst

Posted on Dec 6 Los Angeles, CA 230 Views

Willis Towers Watson

Senior Actuarial Consultant, P&C

Posted on Jul 13 Philadelphia, PA 225 Views

Willis Towers Watson

Associate - Natural Catastrophe and Physical Climate Risk Consulting

Posted on Feb 13 Columbus, OH 308 Views

Willis Towers Watson

P&C Reserving Proposition Leader

Posted on Feb 1 Philadelphia, PA 48 Views

Willis Towers Watson

Enterprise Risk Management Consultant

Posted on Jan 31 New York, NY 67 Views