Head of CyberClear Centre

Job Description – Head of CyberClear Centre

About Hiscox:

At Hiscox we care about our people. We hire the best people for the work, and we’re committed to diversity and creating a truly inclusive culture, which we believe drives success. We embrace hybrid-working practices, balancing the ability to work remotely with the culture and energy we experience when we are face-to-face in our offices. Our focus on collaboration and cross-functional working is supported with virtual tools that minimise physical travel, hot-desking neighbourhoods that create a physical sense of community and Team Charters that our teams co-create to set out how they’ll work together. This modern way of working has contributed to impressive employee engagement scores across Hiscox and means we’re delivering even better solutions for our Hiscox Colleagues.

Position: Head of CyberClear Centre
Reporting to: Chief Information Security Officer
Location: Bishopgate, London (2 days per week in office)

The Role: The Head of CyberClear Centre (C3) is responsible for leading our global centre of excellence for cyber insurance products and services. This is a market facing role and requires an excellent brand ambassador, preferably with a mix of consulting and insurance experience. The role also oversees a small team of cyber experts who provide risk consulting to our underwriters and high value insurance Clients. You will need an excellent understanding of cyber insurance product development, underwriting, claims and exposure management. You will also need to have broad and deep experience in the cyber sector and be able to advise our Clients on cyber risk management and perform the delivery of services to support their risk management plans.

You will also advise underwriters on policy wording, risk appetite, risk selection and emerging threats. When complex claims arise, you will need to act as the subject matter expert to support Claims handling processes. The C3 designs and develops cyber products and services for use by our underwriting teams, brokers and Clients. You will need to manage the product and service lifecycle, including managing any third parties involved in the delivery chain. The role reports directly to the CISO and is a member of the Cyber Leadership Team (CLT). The role is based in London or York (UK) and is a permanent position.

1. Provide cyber security consulting, training, and intelligence to our cyber underwriters and support the development of new cybersecurity insurance products.
2. Design, develop and deliver cyber advisory services to our insurance Clients.
3. Design, develop and deliver technical cyber training programmes to our underwriters.
4. Design, develop and deliver cyber products and tools used in the underwriting process.
5. Lead the design and development of new cyber insurance products to the market.
6. Advise high risk insurance Clients on their cybersecurity strategy and projects to materially mature their cyber capabilities.
7. Prepare intelligence reports and risk assessments for use in risk selection.
8. Consult and provide technical cyber expertise to our underwriters, claims handlers and exposure management teams.
9. Lead the delivery of our annual report – The Hiscox Cyber Readiness Report.
10. Produce thought leadership for underwriting and marketing use.
11. Represent Hiscox at various conferences and events.
12. Provide leadership to the C3 team, create an engaging workplace and help grow their careers.
13. Develop cybersecurity initiatives, evaluate necessary investments and articulate business benefits.

1. Minimum of 8 years’ experience in cybersecurity consulting, with at least 3 years in a leadership role.
2. Experience of the Lloyds Market, Reinsurance markets and Retail insurance is highly desirable.
3. Excellent understanding of cyber insurance products and current market conditions.
4. Strong knowledge of security frameworks, standards, and best practices (e.g., NIST, ISO, COBIT, etc.).
5. Expertise in security technologies, tools, and methodologies (e.g., firewalls, encryption, penetration testing, etc.).
6. Strong understanding of underwriting practices for cyber risks.
7. Excellent consulting and stakeholder management skills.
8. Excellent communication, presentation, and interpersonal skills with an ability to both present at board level and industry conferences.
9. Ability to think strategically, analytically, and creatively.
10. Strong leadership and team management skills, with the ability to motivate and develop staff and foster a culture of security and excellence.
11. Certified Information Systems Security Professional (CISSP) or equivalent certification is desirable.
12. Technical security qualification in cyber security (inc. ethical hacking) are also desirable.