Lead Governance, Risk, and Compliance Analyst jobs in United States
This job has closed.

Acrisure · 4 months ago

Lead Governance, Risk, and Compliance Analyst

Acrisure is a global fintech leader empowering businesses with customized solutions across various domains. They are seeking a highly experienced Senior GRC Analyst to ensure security practices align with compliance requirements and drive technical solutions for secure systems and data protection.

Financial Services · Insurance · InsurTech
H1B Sponsor Likely

Responsibilities

We are seeking a seasoned GRC leader with deep expertise in cybersecurity frameworks, regulatory compliance, and risk management. The ideal candidate will be a strategic thinker and hands-on contributor, capable of driving security initiatives across the enterprise
Demonstrated expertise in completing Security Questionnaires, Risk Assessments, Due Diligence Questionnaires (DDQs), RFIs, and other technical ad hoc requests from clients, regulators, and partners
Strong command of GRC frameworks such as NIST CSF, ISO 27001, and COBIT. Proven ability to align technical and administrative controls with regulatory and audit requirements
Lead internal and external audits, including SOC 2 Type I/II readiness, SOX ITGC testing, and HIPAA security rule assessments. Coordinate evidence collection and remediation efforts

Qualification

GRC frameworks · Cybersecurity regulations · Risk assessments · Security engineering · SOX compliance · HIPAA compliance · ISO 27001 · NIST standards · Leadership skills · Communication skills

Required

10 to 25 years of experience in responding to client/prospect compliance questionnaires and cybersecurity assessments
Experience performing internal risk assessments
Maintain awareness of existing and proposed cyber security regulations
Hands-on experience with audit, governance, risk, and compliance (GRC) frameworks
Demonstrated expertise in completing Security Questionnaires, Risk Assessments, Due Diligence Questionnaires (DDQs), RFIs, and other technical ad hoc requests from clients, regulators, and partners
Strong command of GRC frameworks such as NIST CSF, ISO 27001, and COBIT
Proven ability to align technical and administrative controls with regulatory and audit requirements
Lead internal and external audits, including SOC 2 Type I/II readiness, SOX ITGC testing, and HIPAA security rule assessments
Coordinate evidence collection and remediation efforts
In-depth experience with regulatory frameworks and standards including SOX, HIPAA, SOC 2, NYDFS Cybersecurity Regulation, GDPR, and PCI-DSS
Proven ability to lead cross-functional teams, mentor junior engineers, and serve as a subject matter expert in security technologies, tools, and frameworks
Strong communication skills to engage with technical and non-technical stakeholders
5+ years of relevant experience in security engineering and GRC-focused security solutions development
Deep understanding of security standards and frameworks such as NIST, ISO 27001, CIS Controls, and industry compliance regulations (NYDFS, GDPR, HIPAA, PCI-DSS)
Proven ability to manage complex timelines and deliverables, ensuring alignment with organizational goals and regulatory requirements
Strong leadership and communication skills, with a track record of engaging stakeholders and guiding security teams toward shared objectives

Benefits

Competitive compensation
Generous vacation policy, paid holidays, and paid sick time
Medical Insurance, Dental Insurance, and Vision Insurance (employee-paid)
Company-paid Short-Term and Long-Term Disability Insurance
Company-paid Group Life insurance
Company-paid Employee Assistance Program (EAP) and Calm App subscription
Employee-paid Pet Insurance and optional supplemental insurance coverage
Vested 401(k) with company match and financial wellness programs
Flexible Spending Account (FSA), Health Savings Account (HSA) and commuter benefits options
Paid maternity leave, paid paternity leave, and fertility benefits
Career growth and learning opportunities
Physical Wellness: Comprehensive medical insurance, dental insurance, and vision insurance; life and disability insurance; fertility benefits; wellness resources; and paid sick time.
Mental Wellness: Generous paid time off and holidays; Employee Assistance Program (EAP); and a complimentary Calm app subscription.
Financial Wellness: Immediate vesting in a 401(k) plan; Health Savings Account (HSA) and Flexible Spending Account (FSA) options; commuter benefits; and employee discount programs.
Family Care: Paid maternity leave and paid paternity leave (including for adoptive parents); legal plan options; and pet insurance coverage.

Company

Acrisure

Acrisure offers financial services solutions for insurance, reinsurance, real estate, cyber services, and asset and wealth management.

H1B Sponsorship

Acrisure has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by the US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship (chart not included)
Trends of Total Sponsorships: 2025 (1), 2022 (2)

Funding

Current Stage: Late Stage
Total Funding: $11.37B
Key Investors: Bain Capital Special Situations, Abu Dhabi Investment Authority, BDT & MSD Partners
2025-06-06 · Debt Financing · $550M
2025-05-20 · Private Equity · $2.1B
2024-06-05 · Debt Financing · $1.6B

Leadership Team

Greg Williams
Co-Founder, Chairman & CEO
Mark Wassersug
Chief Technology Officer
Company data provided by crunchbase