Controls & Risk Analyst

 At HUB International, we are a team of entrepreneurs. We believe in empowering our clients, and we do so by protecting businesses and individuals in our local communities. We help businesses evaluate their risks and develop solutions tailored to their needs. We believe in empowering our employees. As a global firm, we offer employees resources in both technology and industry expertise, but we still maintain the local flavor of our offices. Our structure enables our teams to maintain their own unique, regional culture while leveraging support and resources from our corporate centers of excellence.

HUB is the 5th largest global insurance and employee benefits broker, providing a boundaryless array of property, casualty, risk management, life and health, employee benefits, investment and wealth management products and services. With over 17,000 employees in more than 550 offices throughout North America, HUB has grown substantially, in part due to our industry leading success in mergers and acquisitions.

About the Position

Reporting to the GRC Controls Manager, the GRC Controls & Risk Analyst will provide general support and assist with the overall security initiatives owned by the GRC Controls Manager. The GRC Controls & Risk Analyst supports the growth of the GRC Controls business unit within Information Security by being responsible for supporting development, monitoring and maintenance of an Enterprise Risk Program designed to ensure that the Company achieves optimum compliance with all regulatory requirements. The GRC Controls & Risk Analyst will be part customer/client facing and part internal governance, maturing internal security controls within the organization.

The ideal candidate will have prior Governance, Compliance and/or Risk experience along with the ability to communicate effectively with clarity and thrive in an ever-changing control environment.

Responsibilities

• Provide general support to the GRC Controls Manager and GRC department as needed.
• Validate data contained within various software applications/services used by the GRC department.
• Maintain and improve the management of internal controls to meet SOC2 and ISO 27001 security requirements.
• Evaluate the design and test the operating effectiveness of key controls identified.
• Monitor, track and process run tasks and projects around Control Risk Assessments.
• Assist with the development and management of tools to support tracking departmental activities and reporting metrics, such as assigned assets and regulatory requests.
• Contribute to other risk management activities, which may include asset tracking and other special projects as needed.

Qualifications

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and/or ability required. A self-starter who can deliver results while working independently.

Education Level and Experience Required

Minimum BA/BS or equivalent work experience in governance and/or compliance, security assurance, management of information systems or a related field preferred. Process expertise in GRC areas is necessary (e.g., risk management, compliance and regulation, controls automation, continuous controls monitoring and training administration).

Required Knowledge and Capabilities

• Intellectual curiosity and analytical skills in areas of high complexity; sound judgment in resolving matters of high complexity.
• Strong written communication skills and ability to proactively problem solve with regional leadership.
• Understanding of IT environments, risk, and assessment and auditing methodologies.
• Strong working knowledge of some or all of ISO27001, SSAE16/18, information security standards, GDPR, ITIL, cyber essentials.
• Ability to manage projects across multiple teams or groups (strong planning, organization, and project management skills).
• Ability to prioritize assigned work and complete activities in a timely manner.
• Ability to work independently/remote and in a team environment.
• Ability to constantly adapt to a dynamic and complex work environment.
• Above average proficiency with the Microsoft Office Suite including Teams, SharePoint, and Visio, as well as an ability and willingness to learn additional platforms as needed.
• Willingness to travel up to approximately 5-10% of working time.

Although hybrid to Chicago is preferred, this position is open to remote US candidates.

About HUB International

Headquartered in Chicago, Illinois, HUB International Limited (HUB) is a leading full-service global insurance broker providing property and casualty, life and health, employee benefits, investment and risk management products and services. From offices located throughout North America, HUB’s vast network of specialists provides peace of mind on what matters most by protecting clients through unrelenting advocacy and tailored insurance solutions. For more information, please visit hubinternational.com.

Disclosure required under applicable municipal regulations in NY and NJ, as well as the law in Colorado: The expected salary range for this position is $60-80K and will be impacted by factors such as the successful candidate’s skills, experience and working location, as well as the specific position’s business line, scope and level. HUB International is proud to offer comprehensive benefit and total compensation packages which could include health/dental/vision/life/disability insurance, FSA, HSA and 401(k) accounts, paid-time-off benefits, and eligible bonuses, equity and commissions for some positions.

Department Information Technology

Required Experience: 1-2 years of relevant experience

Required Travel: Negligible

Required Education: Bachelor's degree (4-year degree)

HUB International Limited is an equal opportunity employer that does not discriminate on the basis of race/ethnicity, national origin, religion, age, color, sex, sexual orientation, gender identity, disability or veteran's status, or any other characteristic protected by local, state or federal laws, rules or regulations.

E-Verify Program

We endeavor to make this website accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the recruiting team HUBRecruiting@hubinternational.com. This contact information is for accommodation requests only; do not use this contact information to inquire about the status of applications.