Governance, Risk, & Compliance (GRC) Analyst - Integrations and Third-Party Risk

Job Title: Governance, Risk, & Compliance (GRC) Analyst – Integrations and Third-Party Risk

Department: Information Security

Location: Hybrid (4 days on, 1 day remote) Grand Rapids, MI, Chicago, IL, Boston, MA, New York, NY, Austin, TX

Why Choose Acrisure?

In record time, Acrisure has become the fastest growing insurance broker globally. A top 20 player a few years ago, we are now in the top 10 of insurance broker globally, with ambitious plans to continue growing at pace. Beyond our growth, our dedication to client service, as fueled by our business model and culture, means that Acrisure’s opportunity is to be the most relevant and successful, privately held insurance broker in the industry.

Our model is unique. Through a network of agency partners that provide local service with global reach, we work in service of two core objectives: create value, and be a good partner.

Our culture is strong. We are a collaborative company of entrepreneurial, innovative, and talented people who believe in our future. We out think and out work the competition. We look outside our walls and are energized by our fast-paced trajectory.

Our vision for the future is clear. We have limitless potential to achieve unprecedented success in the insurance industry. To achieve our opportunity, a best-in-class Information Security Team must support us. 

This is an exciting opportunity to join this growing team and immediately make an impact to the overall success of the company. If you are interested in collaborating with good people who celebrate entrepreneurialism and work with commonality of purpose, Acrisure is the place for you.

Essential Duties and Responsibilities:

• Assist in executing the third-party risk assessment program to ensure compliance with organizational and regulatory requirements.

• Collaborate with cross-functional teams such as legal, compliance, IT, and business units to support risk assessment activities.

• Perform detailed risk assessments, evaluating third parties' security policies, procedures, and controls for compliance with company standards.

• Analyze third-party solutions for compatibility with the organization’s infrastructure, APIs, and data handling practices.

• Identify and document potential risks, proposing mitigation strategies and coordinating with internal teams and third parties to address gaps.

• Monitor third parties’ cybersecurity practices to ensure alignment with organizational expectations and industry standards.

• Support ongoing improvement efforts by contributing insights to enhance the third-party risk management program.

• Maintain accurate records of assessments, findings, and recommendations within risk management tools and systems.

• Assist in third-party lifecycle management, including due diligence during onboarding and periodic risk reviews.

• Prepare reports and summaries of findings for internal stakeholders to inform decision-making processes.

This description is not meant to be all-inclusive and may be modified from time to time at the discretion of management.

Competencies:                                                       

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Education and/or Experience:

• A seasoned professional with 4+ years of progressive experience in IT security

• Proven expertise in managing timelines and deliverables effectively.

• Strong leadership skills with the ability to inspire and guide a team of security professionals.

• Excellent communication and interpersonal skills, with the ability to engage effectively with all levels of the organization and external partners.

Other Qualifications:

• Able to work independently and enjoy a high degree of interaction with team members

• Ability to contribute to a collaborative environment by consistently demonstrating teamwork, high motivation, positive behavior and effort to achieve goals and objectives

• Self-motivated and driven

• Maintain a sense of urgency and ability to work with and meet deadlines

• Demonstrate effective written and verbal communication, including the ability actively listen, and problem solve with minimal assistance

• Demonstrates excellent time management and prioritization skills

• Attention to detail and commitment to a high level of accuracy

• The ability to multi task, prioritize, work independently, and use discretion surrounding sensitive information

• Ability to maintain a professional demeanor and positive attitude

Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Moderate stress due to regular deadlines and daily challenges. 

• High finger dexterity while typing documents and forms

• Occasionally lift up to 20lbs.

Work Environment:  The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job, and reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Work is done in a temperature-controlled, non-smoking office. 

• Work stations are cubicles with moderately high sides.

• The noise level in the work environment is usually moderate.

Together with our Agency Partners, Acrisure is reshaping the insurance industry. Be a part of that evolution and join the Acrisure community, either as part of our Home Office support teams or within one of our Agency Partners. Visit our website to see available job openings in insurance, accounting, account management, and more. https://acrisure.com/about-acrisure/careers/

To Executive Search Firms & Staffing Agencies:  Acrisure does not accept unsolicited resumes from any agencies that have not signed a mutual service agreement.  All unsolicited resumes will be considered Acrisure’s property, and Acrisure will not be obligated to pay a referral fee.  This includes resumes submitted directly to hiring managers without contacting Acrisure’s Human Resources Talent Department.

Acrisure is committed to employing a diverse workforce. All applicants will be considered for employment without attention to race, color, religion, age, sex, sexual orientation, gender identity, national origin, veteran, or disability status.  California residents can learn more about our privacy practices for applicants by visiting the Acrisure California Applicant Privacy Policy available at www.Acrisure.com/privacy/caapplicant.
 

To Executive Search Firms & Staffing Agencies: Acrisure does not accept unsolicited resumes from any agencies that have not signed a mutual service agreement. All unsolicited resumes will be considered Acrisure’s property, and Acrisure will not be obligated to pay a referral fee. This includes resumes submitted directly to Hiring Managers without contacting Acrisure’s Human Resources Talent Department.