Assurant is seeking an Information Risk and Compliance Manager to lead a team responsible for domestic and international regulatory compliance audits, information security assessments, and broader cybersecurity risk initiatives. This role is accountable for designing, implementing, and enforcing security, risk, and compliance controls that protect organizational information assets from unauthorized access, disclosure, or disruption.
The position oversees day-to-day compliance operations, including identifying and closing enterprise risk and control gaps, and establishing monitoring and reporting processes using key cybersecurity and compliance metrics aligned to frameworks and regulations such as ISO 27001, NIST, PCI DSS, HIPAA, and SOX.
The Compliance Manager will lead cross-functional teams, partner with IT and business stakeholders, support security operations and risk assessments, and drive internal and external audit activities, including maintaining audit documentation and evidence.
Additionally, this role contributes to strategic cybersecurity and compliance initiatives by aligning programs to the enterprise risk roadmap. The ideal candidate brings strong expertise in cybersecurity principles, compliance frameworks, audit methodologies, and risk management, along with proven leadership experience driving teams to successful audit, security, and compliance outcomes.
What are the requirements needed for this position? - Bachelor's degree in business administration, Information Technology, Cybersecurity, Risk Management, or a related field.
- 7+ years of experience in compliance, audit, or risk management, with a significant focus on information security assessments, audits, and IT controls. Proven experience in automating compliance and testing processes, particularly in IT control testing or auditing environments.
- 3+ years of Management experience
- Experience managing both domestic and international compliance requirements and assessments
- Strong knowledge of industry standards and regulatory frameworks, including ISO 27001, SOC 2, SOC 1, PCI-DSS, NIST, HIPAA, GDPR, and others.
- Strong knowledge of security testing methods related to vulnerability management, ethical hacking, penetration testing, application code testing and offensive security best practices.
- Understanding statutory and regulatory requirements relating to privacy, data security and related topics.
- Leadership: Proven ability to lead and motivate teams, fostering a collaborative environment to achieve compliance and audit goals.
- Compliance Expertise: In-depth knowledge of regulatory compliance requirements, industry standards, and audit frameworks.
- Automation & Process Improvement: Experience in driving automation and process improvements to increase efficiency and reduce errors in compliance and testing workflows.
- Analytical Skills: Strong ability to assess complex audit data, identify trends, and provide actionable insights to senior leadership.
- Communication Skills: Excellent verbal and written communication skills, with the ability to translate complex compliance and audit information for a variety of audiences, including senior management and external auditors.
What other skills/experience would be helpful to have?- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Privacy Professional (CIPP)
- Certified Information Systems Security Professional (CISSP)
- Certified Compliance and Ethics Professional (CCEP)
- Other relevant certifications (e.g., SOC 2, ISO 27001)
#AssurantProudJR
#LI-Remote
Pay Range:
$103,800.00 - $173,300.00
Any posted pay range considers a wide range of compensation factors, including candidate background, experience and work location, while also allowing for salary growth within the position.
If there is no posting end date listed then this is a pipeline requisition, and we will continue to collect applications on an ongoing basis.
For U.S. benefit information, visit myassurantbenefits.com. For benefit information outside the U.S., please speak with your recruiter.
AI and Biometric UsageAssurant supports the responsible use of Artificial Intelligence (AI), but we want to know the real you. Visit our AI Usage Guidelines page to understand what we expect from applicants regarding their use of AI during the application process.
Employment is contingent upon completion of a required identity verification process, which may include biometric technology, where permitted by applicable law and subject to applicable notice and consent requirements. See our Privacy Notice to learn about Assurant's privacy practices, including our use of AI-enabled technology, automated decision making, and biometric information.
Job Scam AlertPlease be aware that during Assurant's application process, we will never ask for personal information such as your Social Security number, bank account details, or passwords. Learn more about what to look out for and how to report a scam here.