Security Analyst

 •  Assurant Woodbury, MN and Miami, FL

Less than 5 years experience  •  Insurance

Salary depends on experience
Posted on 11/22/17
Woodbury, MN
Less than 5 years experience
Insurance
Salary depends on experience
Posted on 11/22/17

Job Summary:
This Security Analyst is responsible for maintaining solid knowledge of IT Security and Compliance concepts around industry regulations and standards, controls, audit requirements, compliance, identity management, development, and IT infrastructure. This function supports IT-related security and compliance functions. This position can also maintain and execute procedures for enforcing Assurant Security Policies & Standards, regulatory requirements, contractual agreements/obligations and any other IT-related security and privacy requirements.

The candidate must possess a strong understanding of security infrastructure components, good analytical and troubleshooting skills and have the ability to perform problem resolution and make process improvements.

Primary Responsibilities:

50% - Support and maintain systems and processes related to governance, risk and compliance functions

  • Collaborate with various Assurant GRC personnel to actively identify risks that will need to be added to and monitored via the risk registry
  • Support maintenance of the IT Risk Register
  • Escalate critical/high risk items to management in a timely manner
  • Track remediation/mitigation of identified risks
  • Conduct risk assessments on assigned initiatives
  • Participate in continuous process improvement of the IT risk management process
  • Maintain & reportrisk related metrics and documentation


40% - GRC Platform Administration and Support

  • Maintain requirements and governance documentation for GRC implementation
  • Administer GRC Platform (hands on configuration, user management, etc.)
  • Model effective technical and professional skills, and share knowledge with others
  • Provides day-to-day monitoring of application and performance of GRC Platform
  • Identify and respond to GRC Platform events and incidents
  • Identify and resolve problems and issues in a timely manner


10% - Project Support

  • Participate on medium to large projects
  • Manage multiple projects/issues concurrently
  • Organize and participate in meetings required for each project
  • Provide Lead Security Analyst or Manager with a weekly status report
  • Identify and inform Lead Security Analyst or Manager of any issues, concerns, or vulnerabilities within the project
  • Accountable for delivering project plans, test plans, tasks and communicating progress or issues on projects

Basic Qualifications:

  • 3+ years experience working with IT or Information Security/GRC, legal, audit, compliance
  • 1+ years of hands on Administration experience with a GRC Platform or tool


Other Experience:

  • Experience working with Risk Management Frameworks like NIST RMF, COSO’s Enterprise Risk Management, ISACA’s Risk IT, etc.
  • Experience contributing as a virtual team member
  • Familiarity with Industry Regulations & Standards such as HIPAA, GLBA, SOX, PCI-DSS, ISO, etc.


Preferred Qualifications:

  • Bachelor’s degree in Information Systems, Business Management, Computer Science, Engineering, Accounting, Finance, Audit
  • Professional certification(s) (CISA, Security+, MCSE, CNA/CNE, CISSP)
  • Strong knowledge of general controls and processes

Requisition Number 52566

Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.