Information Security GRC Analyst

Who We Are Insurity’s vision is all about empowerment. Empowering insurance organizations to quickly capitalize on new opportunities by delivering the world’s most configurable, cloud-native, easy-to-use, and intuitively analytical software. It’s also about empowering our team members through tools, training, teamwork, and professional development opportunities. To talk the talk, we must walk the walk. We are the largest cloud-based insurance software provider for the Property & Casualty market. In 2021, we were trusted by 15 of the top 25 P&C carriers – now, in 2024, we are trusted by 22 of the top 25 P&C carriers. That’s proof we walk the walk. While our product suites are some of the most compelling in the industry, it’s our team members who deliver the exceptional value and unrivaled industry expertise our customers appreciate from us. Our team tells us over and over; working at Insurity offers you the opportunity to collaborate with and learn from some of the most creative and knowledgeable minds in insurance technology. You’ll feel welcomed even before you start your first day with us through our award-winning onboarding program. Take the first step to joining our team by applying today and we look forward to seeing #UatInsurity. Insurity’s Next Information Security GRC AnalystSeeking an Information Security GRC Analyst to assess and prioritize information security risk across the organization, facilitate compliance with regulatory requirements and policies, and develop and report on information security metrics. What Our Information Security GRC Analyst Will Do   

•         Prepare for and manage functional compliance readiness 
•         Prepare for and participate in IT, Governance, and Information Security related audits  
•         Maintain and monitor a central repository of audit evidence  
•         Conduct gap analysis on various industry standard compliance and regulatory requirements 
•         Track, update, and draft clear, concise policies, standards, procedures and guidelines  
•         Maintain an up-to-date risk register and track remediation status  
•         Collaborate with various departments on GRC related objectives  
•         Perform access reviews on a regular basis  
•         Perform firewall rule reviews on a regular basis  
•         Conduct regular security reviews on third party software and service vendors  
•         Track and ensure compliance with IT and security controls covering a wide range of regulations  
•         Answer, liaise and appropriately escalate client questionnaires and inquiries  
•         Stay educated on international and state specific data protection laws and ensure ongoing compliance  
•         Follow up with team members driving progress on tracked issues  
•         Contribute to metrics and KPIs for CISO and executive management review  
•         Support information security, compliance, and …