Information Security GRC Analyst
United States
Insurity
Insurity is a leading P&C insurance software provider offering market-leading, cloud-based solutions to help companies focus on profitability. Learn more at Insurity!

- Prepare for and manage functional compliance readiness
- Prepare for and participate in IT, Governance, and Information Security related audits
- Maintain and monitor a central repository of audit evidence
- Conduct gap analysis on various industry standard compliance and regulatory requirements
- Track, update, and draft clear, concise policies, standards, procedures and guidelines
- Maintain an up-to-date risk register and track remediation status
- Collaborate with various departments on GRC related objectives
- Perform access reviews on a regular basis
- Perform firewall rule reviews on a regular basis
- Conduct regular security reviews on third party software and service vendors
- Track and ensure compliance with IT and security controls covering a wide range of regulations
- Answer, liaise and appropriately escalate client questionnaires and inquiries
- Stay educated on international and state specific data protection laws and ensure ongoing compliance
- Follow up with team members driving progress on tracked issues
- Contribute to metrics and KPIs for CISO and executive management review
- Support information security, compliance, and governance inquiries from other teams within Insurity
- Review, update, and test governance plans such as the BCP, IRP and DR plans
- Track and audit risk management and risk management strategies for the organization
- Assist with client marketing regarding security, compliance, and regulatory standards
- Work closely with technical and non-technical teams to meet regulatory controls
- Audit, investigate, and follow up on specific controls and requirements as needed
- Stay up to date on industry and job-related trends and best practices, including reading relevant publications, articles, blogs, etc.
- Knowledge and experience in risk management, audits (SOC 1, SOC 2, PCI DSS), and information security best practices
- Knowledge and experience in cloud technologies, preferably AWS and Azure (doesn't need to be hands-on, but knowing key services, functions, and security concepts/features is required)
- Basic understanding of regulatory compliance and information security frameworks such as GDPR, CCPA, NIST, CIS Controls, etc. (not required to know details, just the fundamentals)
- Knowledge and experience implementing and maintaining compliance tools (e.g. Drata, Vanta, OneTrust) is a PLUS
- Bachelor’s degree in related field (equivalent work experience may be considered)
- At least 2 years’ experience working in governance and compliance related roles (relevant experience in a similar field or function(s) may be considered).
- Information security certifications such as CIPP, PMP, CISA, CRISC, etc. are a plus
- Analytical and critical thinking
- Attention to detail
- Written and oral English communication
- Time management including work planning, prioritization, and organization
- Sound judgement
- Ability to handle multiple priorities or tasks
- Self-starter and quick learner
- Detail-oriented
- Active listener
- Ability to collaborate and work independently
- Flexible and adaptable
- Ability to accurately present information
- Process analysis, design, and management
- Flex First Workforce: Do your work best from home or from one of our office locations; it’s your choice.
- Generous Time Off: Our leadership believes in taking the time you need when you need it through our Open PTO Policy.
- Day One Health Benefits + Employer-Matched Retirement Savings: You might think these are table stakes, but we know these matter to you.
- More Than Just Core Values: Our values are fundamental in how we attract, train, and retain top talent.
- Award-Winning Onboarding Program: We set you up from the get-go to make a significant impact from Day One and follow you through your entire first year.
- Real Career Growth Opportunities: We love to promote from within with over 20% of our open roles filled through internal applicants on average.
- Mentorship Program: We support a champion culture and growth mindset by pairing you with experienced, talented leaders to help you grow personally and professionally.
- Internal Networking: Build relationships, network, collaborate, and stay connected with colleagues internally with our one-of-a-kind online Coffee for Two program.
- Continuous Learning Opportunities: Own your development with your own LinkedIn Learning and Kaplan licenses.
- Discounted University Tuition: Employees and their families can start or continue their university career with less out-of-pocket investment through our partnerships with the University of Arizona Global Campus.
- Employee Referral Bonus: Once you come onboard, give Insurity the biggest compliment you can give by referring someone to work here and earn a cash bonus.
Tags: Audits AWS Azure C CCPA CIPP CISA CISO Cloud Compliance CRISC Firewalls GDPR Governance KPIs NIST PCI DSS Risk management SOC SOC 1 SOC 2
Perks/benefits: Career development Equity / stock options Flex hours Flex vacation Health care Home office stipend Insurance Salary bonus Startup environment