Express Scripts Senior Quantitative Risk Analyst in St. Louis, Missouri
Lead the cyber risk quantification program at Express Scripts. Lead in creation and operations of risk quantification through creation of adhoc or repeatable models. Utilize FAIR analysis for normalizing and quantifying information security risk. Prioritize risk based on quantified analysis and participate in risk management related investment decisions by providing quantitative information
- Conduct quantitive and qualitative risk analysis using FAIR or other mathematical models.
- Provide quarterly and ad-hoc reports to management regarding the cyber risk portfolio and business resiliency risk.
- Conduct periodic cyber liability analyses
- Build tools and reports to support analysis and risk modeling using various programs (Excel, R, R Shiny, etc)
- Keep apprised of advances in risk quantification modeling software and of advances in the science and industry of risk quantification modeling.
= Research cyber security risks and mathematically quantify those risks and/or make recommendations for guidelines that will appropriately mitigate the company’s exposure to those risks.
- Train decision makers on calibrated probability assessments. Provide Calibration training to stakeholders
- An ideal candidate will have a degree and/or work experience in a quantitative discipline (e.g., Mathematics, Statistics, Actuarial Sciences, etc.). A preferred candidate will also have familiarity with Computer Science, Programming or Information Security domains
- Familiarity with R and FAIR for risk quantification modeling as well as intermediate to advanced skills using Excel
- Certification in Factor Analysis of Information Risk (FAIR) preferred
- Certification in information security (CISSP, CISM, or equivalent) preferred
- Three to Five years of relevant working experience with Bachelor's degree, or One to Three years with Masters degree in Information Security or computer related field
- Ability to lead and direct work of junior team members in the information risk quantification program
- Strong understanding of theory behind risk quantification and ability to articulate it to stakeholders for engagement and buy-in
- Strong understanding of information security principles
- Strong interpersonal skills, ability to interview stakeholders and translate responses into inputs needed for risk quantification models
- Excellent organizational skills and ability to communicate with internal/external entities and executives
- Effective leadership skills, demonstrated ability to coordinate people and teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities
- Customer service-oriented
- Ability to work in a flexible environment where requirements and procedures continuously evolve
- Ability to multi-task and manage time effectively
ABOUT EXPRESS SCRIPTS
Advance your career with the company that makes it easier for people to choose better health.Express Scripts is a leading healthcare company serving tens of millions of consumers. We are looking for individuals who are passionate, creative and committed to creating systems and service solutions that promote better health outcomes. Join the company that Fortune magazine ranked as one of the "Most Admired Companies" in the pharmacy category. Then, use your intelligence, creativity, integrity and hard work to help us enhance our products and services. We offer a highly competitive base salary and a comprehensive benefits program, including medical, prescription drug, dental, vision, 401(k) with company match, life insurance, paid time off, tuition assistance and an employee stock purchase plan.Express Scripts is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class. Applicants must be able to pass a drug test and background investigation. Express Scripts is a VEVRAA Federal Contractor.
ABOUT THE DEPARTMENT
Do you enjoy the challenge of defending an enterprise from security breaches? Come put your skills to work at an organization trusted to protect client, patient and company data amid the ever-changing landscape of information security threats and risks. Our cyber defenders are challenged and trusted with maintaining our secure infrastructure day in and day out, while delivering an enterprise computing environment that is resilient to breaches and disruptions. If you’re as passionate about data security as we are and want to be at the center of our noble mission to make healthcare safer and more affordable, explore our opportunities.