Information Security GRC Analyst

Who We Are  Insurity’s vision is all about empowerment. Empowering insurance organizations to quickly capitalize on new opportunities by delivering the world’s most configurable, cloud-native, easy-to-use, and intuitively analytical software. It’s also about empowering our team members through tools, training, teamwork, and professional development opportunities. To talk the talk, we must walk the walk. We are the largest cloud-based insurance software provider for the Property & Casualty market. In 2021, we were trusted by 15 of the top 25 P&C carriers – now, in 2024, we are trusted by 22 of the top 25 P&C carriers. That’s proof we walk the walk. While our product suites are some of the most compelling in the industry, it’s our team members who deliver the exceptional value and unrivaled industry expertise our customers appreciate from us. Our team tells us over and over; working at Insurity offers you the opportunity to collaborate with and learn from some of the most creative and knowledgeable minds in insurance technology. You’ll feel welcomed even before you start your first day with us through our award-winning onboarding program. Take the first step to joining our team by applying today and we look forward to seeing #UatInsurity. Insurity’s Next Information Security GRC AnalystSeeking an Information Security GRC Analyst to assess and prioritize information security risk across the organization, facilitate compliance with regulatory requirements and policies, and develop and report on information security metrics. What Our Information Security GRC Analyst Will Do   

•         Prepare for and manage functional compliance readiness 
•         Prepare for and participate in IT, Governance, and Information Security related audits  
•         Maintain and monitor a central repository of audit evidence  
•         Conduct gap analysis on various industry standard compliance and regulatory requirements 
•         Track, update, and draft clear, concise policies, standards, procedures and guidelines  
•         Maintain an up-to-date risk register and track remediation status  
•         Collaborate with various departments on GRC related objectives  
•         Perform access reviews on a regular basis  
•         Perform firewall rule reviews on a regular basis  
•         Conduct regular security reviews on third party software and service vendors  
•         Track and ensure compliance with IT and security controls covering a wide range of regulations  
•         Answer, liaise and appropriately escalate client questionnaires and inquiries  
•         Stay educated on international and state specific data protection laws and ensure ongoing compliance  
•         Follow up with team members driving progress on tracked issues  
•         Contribute to metrics and KPIs for CISO and executive management review  
•         Support information security, compliance, and governance inquiries from other teams within Insurity  
•         Review, update, and test governance plans such as the BCP, IRP and DR plans  
•         Track and audit risk management and risk management strategies for the organization  
•         Assist with client marketing regarding security, compliance, and regulatory standards  
•         Work closely with technical and non-technical teams to meet regulatory controls  
•         Audit, investigate, and follow up on specific controls and requirements as needed  
•         Stay up to date on industry and job-related trends and best practices, including reading relevant publications, articles, blogs, etc.
    

Who We’re Looking For   

• Knowledge and experience in risk management, audits (SOC 1, SOC 2, PCI DSS), and information security best practices  
• Knowledge and experience in cloud technologies, preferably AWS and Azure (doesn't need to be hands-on, but knowing key services, functions, and security concepts/features is required)  
• Basic understanding of regulatory compliance and information security frameworks such as GDPR, CCPA, NIST, CIS Controls, etc. (not required to know details, just the fundamentals)  
• Knowledge and experience implementing and maintaining compliance tools (i.e. Drata, Vanta, OneTrust) is a PLUS 
• Bachelor’s degree in related field (equivalent work experience may be considered) 
• At least 2 years’ experience working in governance and compliance related roles (relevant experience in a similar field or function(s) may be considered).  
• Information security certifications such as CIPP, PMP, CISA, CRISC, etc. are a plus 

  Core Skills  

•         Analytical and critical thinking  
•         Attention to detail  
•         Written and oral English communication  
•         Time management including work planning, prioritization, and organization  
•         Sound judgement  
•         Ability to handle multiple priorities or tasks  
•         Self-starter and quick learner  
•         Detail-oriented  
•         Active listener  
•         Ability to collaborate and work independently  
•         Flexible and adaptable  
•         Ability to accurately present information  
•         Process analysis, design, and management  

 What’s In It For U   

• Flex First Workforce: Do your work best from home or from one of our office locations; it’s your choice.  
• Generous Time Off: Our leadership believes in taking the time you need when you need it through our Open PTO Policy.  
• Day One Health Benefits + Employer-Matched Retirement Savings: You might think these are table stakes, but we know these matter to you. 
• More Than Just Core Values: Our values are fundamental in how we attract, train, and retain top talent. 
• Award-Winning Onboarding Program: We set you up from the get-go to make a significant impact from Day One and follow you through your entire first year. 
• Real Career Growth Opportunities: We love to promote from within with over 20% of our open roles filled through internal applicants on average. 
• Mentorship Program: We support a champion culture and growth mindset by pairing you with experienced, talented leaders to help you grow personally and professionally. 
• Internal Networking: Build relationships, network, collaborate, and stay connected with colleagues internally with our one-of-a kind online Coffee for Two program. 
• Continuous Learning Opportunities: Own your development with your own LinkedIn Learning and Kaplan licenses. 
• Discounted University Tuition: Employees and their families can start or continue their university career with less out-of-pocket investment through our partnerships with the University of Arizona Global Campus. 
• Employee Referral Bonus: Once you come onboard, give Insurity the biggest compliment you can give by referring someone to work here and earn a cash bonus. 

  We have five Core Values at Insurity; one of which is to Act with Integrity. Providing pay transparency helps you make the best decision for you. We continuously analyze and update our salary ranges for our roles according to market trends to not only ensure our employees are paid fairly, but also help close gender, race, and disability wage gaps. Along with the benefits listed above, the salary range for this role is $75,000 to $135,000, commensurate with experience.   Insurity is proud to be an Equal Opportunity Employer We are dedicated to creating an exceptional work environment for all our employees by extending a culture of diversity, equity, inclusion, and belonging into the very fabric of our organization. We embrace differences and diversity of identity, experience, and thought, and actively strive for inclusive behaviors across our company.   We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application and/or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.   Thank you for your interest in Insurity! Please understand that due to the volume of applicants we receive, only selected candidates will be contacted.   #LI-Remote