Acrisure LLC Governance, Risk, and Compliance (GRC) Analyst in Grand Rapids, Michigan
Why Choose Acrisure?
In record time, Acrisure has become the fastest growing insurance broker globally. A top 20 player a few years ago, we are now in the top 10 of insurance brokers globally, with ambitious plans to continue growing at pace. Beyond our growth, our dedication to client service, as fueled by our business model and culture, means that Acrisure's opportunity is to be the most relevant and successful, privately held insurance broker in the industry.
Our model is unique. Through a network of agency partners that provide local service with global reach, we work in service of two core objectives: create value and be a good partner.
Our culture is strong. We are a collaborative company of entrepreneurial, innovative, and talented people who believe in our future. We outthink and outwork the competition. We look outside our walls and are energized by our fast-paced trajectory.
Our vision for the future is clear. We have limitless potential to achieve unprecedented success in the insurance industry. To achieve our opportunity, best-in-class information security must support us.
This is an exciting opportunity to join this growing team and immediately make an impact to the overall success of the company. If you are interested in collaborating with good people who celebrate entrepreneurialism and work with commonality of purpose, Acrisure is the place for you.
Working as part of the Information Security department at Acrisure, the Governance, Risk, and Compliance (GRC) Analyst will be responsible for assisting the GRC Manager with the day-to-day IT compliance, data governance, and IT risk management functions. This role assesses and documents Acrisure's compliance and risk posture as they relate to Acrisure's information assets.
The purpose of this position is to provide highly skilled technical and information security expertise for development and implementation of the information security risk management program. Responsibilities require project management experience, as well as expertise to ensure effective system-wide security analysis, standards and testing; risk assessment; user awareness and education; and development of policies, standards and guidelines.
Essential Duties and Responsibilities:
Coordinates risk assessments with Agency Partners, SaaS platforms, and 3rd party service providers
Documents, enforces, measures, and manages compliance
Assists Agency Partners with questions and proper corrective measures to ensure compliance and optimal security posture
Documents, measures, and manages risk and compliance
Assists completion of security questionnaires from third parties including insurance carriers
Mentors Information Security Analyst GRC Interns
Collaborates with other Acrisure departments and IT groups as necessary
Assists with the implementation and design of Identity and Access Management program
Assists with internal and external IT Security assessments
This description is not meant to be all-inclusive and may be modified from time to time at the discretion of management.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are examples of the knowledge, skill, and/or ability desired. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Strong preference for candidates with insurance industry experience and/or experience with the 23 NYCRR 500 (NYDFS Cybersecurity) regulation and its requirements
Excellent written and oral communication skills, interpersonal skills, and ability to adapt writing, presentations, and communications to the target audience knowledge level.
Understanding of infrastructure security tools such as firewalls, network security monitoring, anti-malware, vulnerability scanners, etc.
Organizational skills with ability to successfully manage multiple priorities and deadlines.
Familiarity with compliance requirements including GDPR, HIPAA, and CCPA.
Experience with Security Frameworks including NIST 800-53, NIST CSF, and/or ISO 27001
Education and/or Experience:
Combined minimum of 2 years of IT, Information Security, and/or GRC experience required
Certifications: Certified in Risk and Information Systems Control (CRISC), Governance of Enterprise IT (CGEIT), Project Management Institute-Risk Management Professional (PMI-RMP), Certified Information Security Auditor (CISA), and Certified in the Governance of Enterprise IT (CGEIT) are all a plus
Able to work independently and enjoy a high degree of interaction with team members
Ability to contribute to a collaborative environment by consistently demonstrating teamwork, high motivation, positive behavior and effort to achieve goals and objectives
Self-motivated and driven
Maintain a sense of urgency and ability to work with and meet deadlines
Demonstrate effective written and verbal communication, including the ability to actively listen and problem solve with minimal assistance
Demonstrates excellent time management and prioritization skills
Attention to detail and commitment to a high level of accuracy
The ability to multitask, prioritize, work independently, and use discretion surrounding sensitive information
Ability to maintain a professional demeanor and positive attitude
Physical Demands: The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Moderate stress due to regular deadlines and daily challenges.
High finger dexterity while typing documents and forms.
Occasionally lift up to 20 lbs.
Work Environment: The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job, and reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Work is done in a temperature-controlled, non-smoking office.
Workstations are cubicles with moderately high sides.
The noise level in the work environment is usually moderate.
Together with our Agency Partners, Acrisure is reshaping the insurance industry. Be a part of that evolution and join the Acrisure community, either as part of our Home Office support teams or within one of our Agency Partners. Visit our website to see available job openings in insurance, accounting, account management, and more. https://acrisure.com/about-acrisure/careers/
To Executive Search Firms & Staffing Agencies: Acrisure does not accept unsolicited resumes from any agencies that have not signed a mutual service agreement. All unsolicited resumes will be considered Acrisure's property, and Acrisure will not be obligated to pay a referral fee. This includes resumes submitted directly to hiring managers without contacting Acrisure's Human Resources Talent Department.