Cyber Threat Intelligence Lead

Cyber Threat Intelligence Lead (M/F/d)*

**Company**
Munich Re
**Location**
Munich, Germany

We are the globally leading reinsurer and a market leader in cyber insurance, the fastest growing line of business. We are continuously improving our understanding of cyber risk to be able to offer our customers the best insurance products and integrated services.

The central division Corporate Underwriting for cyber is a department that bundles cyber insurance expertise in order to efficiently support the business units in writing profitable cyber insurance and developing new fields of cyber business. Corporate Underwriting holds the risk management function cyber line of business. Responsibilities include assessing accumulation potentials, maintaining portfolio transparency, developing underwriting standards, risk models, technology solutions and services.

The understanding and quantification of cyber exposures is essential for our business and our team provides up-to-date methods and frameworks which enables the operational units to underwrite cyber risks in an effective and efficient way.

**Responsibilities**

We are looking for a technical leader with robust understanding of cyber threat landscape and can guide a group of cyber security experts. We expect this group of experts, under the guidance of the technical team leader, to rapidly assess new cyber threats (TTP's) and understand their impact to our insured portfolios. They will provide up-to-date guidance to our underwriting community in light of recent developments as well as trends. This guidance will take the form of advisory and development of risk assessment methodologies. The risk assessment methodologies will be implemented in various underwriting platforms currently in use at Munich Re, underwriting smaller risks of SME insureds as well as large complex multinational enterprise risks. The CTI expert group will develop methods to recognize presence or lack of certain features and effectiveness of security controls in use by insureds. CTI lead will guide the team and advise on the best way to acquire these signals (data features) and execute on the acquisition strategy. The team will be responsible for the quality and fit-for-purpose of the acquired data for the purposes of underwriting and services. The CTI lead will manage relationships with all threat intelligence business partners of Munich Re and ensure we get the best intelligence that serves our purposes and utilize it as broadly as possible in the organization for improving our cyber insurance business results.

**Your Job**
- Acquire threat intelligence
- Manage threat intelligence relationship with business partners
- Define the process to utilize threat intelligence to improve our underwriting frameworks, tools and methods
- Guide (technically) a small group of cyber experts to analyze actual threat intelligence, existing security research and Munich Re insured loss experience
- Using all available information, advise underwriting method leaders to incorporate the relevant risk assessment methods in our frameworks
- Work with data specialist to generate cyber risk insights from insured portfolios and advise portfolio managers on underlying cyber risk drivers
- Rapidly respond to developing threats by providing timely and regular updates to cyber business leaders and top management, including emergency information in case of potentially adverse developments for the cyber insurance portfolio
- Help identifying cyber scenarios with potentially ruinous accumulation exposure (e.g. widespread malware attacks or cloud outages) potentially hitting multiple clients at the same time. In that context, understand capabilities and motivation of threat actors, understand controls that are most most effective to countering these scenarios.
- Develop data acquisition strategies to interpret the effectiveness of security controls in use by insureds and implement these strategies together with data specialists, IT department and commercial and strategic business partners
- Develop content about security advisory notifications shared with insureds as a result of continuous risk monitoring activities

**Your Profile**
- 10 years of experience in cyber security related role of which at least 3 years focused on utilizing threat intelligence
- Degree in Information Technology, Information Security or related field. Security-relevant certifications are an asset
- Ability to analyze and model cyber threats, including threat actor motivations, tactics, techniques, and procedures (TTPs)
- In-depth knowledge of cyber security, technology and governance standards, and procedures
- Experience or know-how about Cyber Insurance and risk quantification would be an asset
- Pragmatic thinking and willingness to work as part of an innovative team
- Cope well with uncertainty and imperfect knowledge and finds creative workarounds and develop alternative ways of achieving objectives
- Excellent communication skills and abil