Information Security Compliance Analyst @ ACUITY A MUTUAL INSURANCE COMPANY | Jobright.ai
29 applicants
ACUITY A MUTUAL INSURANCE COMPANY · 3 hours ago

Information Security Compliance Analyst

Auto Insurance · Commercial Insurance
Comp. & Benefits
No H1B

Responsibilities

Establish and maintain a knowledge and understanding of applicable information security standards and frameworks such as NIST, CIS Critical Security Controls, PCI DSS, and HIPAA, as well as relevant federal and state statutes and regulations regarding data privacy, cyber security and other applicable requirements.
Assist with the general evaluation and due diligence of Third-Party Service Providers and their security programs, ensuring the provider has in place appropriate administrative, technical, and physical measures to protect and secure the Information Systems and Nonpublic Information that are accessible to, or held by, the Third-Party Service Provider. Regularly review and audit service providers to validate ongoing compliance.
Develop, document and maintain formal security policies, standards and procedures that are in compliance with applicable laws, regulations and information security best practices. Update and maintain all documents on at least an annual basis.
Assist in the identification of security controls and processes needed to be compliant with Acuity’s Information Security Policies.
Work with Business Units to ensure the secure transfer of data to third parties.
Work with the Security Awareness Committee to support and contribute to establishing a corporate culture that is committed to information security best practices.
Prepare presentations, informational articles, educational and training materials to promote security awareness.
Assist in facilitating internal and external compliance audits, as needed.
Work with process owners within the business units to perform compliance assessments to determine if systems and controls meet regulatory requirements, industry standards, and best practices and conform to information security policies, procedures, and standards.
Monitor for new compliance regulations, assess the impact to the organization, and work with the impacted IT and business units to ensure compliance.
Gather, prepare and develop security/compliance metrics, KPIs and other reports that may be provided to management, executives and the Board of Directors.
Demonstrate a willingness and ability to continually learn and stay abreast of emerging security threats and evolving security models and responses.
Exhibit a high level of attention to detail with strong planning and organization skills.
Remain abreast of company and industry directions.
Regular and predictable attendance.
Perform other duties as assigned.

Qualification

NIST, CIS Critical Security Controls, PCI DSS, HIPAA, IT audit/compliance, Information security policies, Data privacy regulations, Security awareness training, Technical writing

Required

Bachelor’s Degree in Computer Science, Information Systems or equivalent and continued field specific education.
Establish and maintain a knowledge and understanding of applicable information security standards and frameworks such as NIST, CIS Critical Security Controls, PCI DSS, and HIPAA, as well as relevant federal and state statutes and regulations regarding data privacy, cyber security and other applicable requirements.
Assist with the general evaluation and due diligence of Third-Party Service Providers and their security programs, ensuring the provider has in place appropriate administrative, technical, and physical measures to protect and secure the Information Systems and Nonpublic Information that are accessible to, or held by, the Third-Party Service Provider.
Develop, document and maintain formal security policies, standards and procedures that are in compliance with applicable laws, regulations and information security best practices.
Assist in the identification of security controls and processes needed to be compliant with Acuity’s Information Security Policies.
Work with Business Units to ensure the secure transfer of data to third parties.
Work with the Security Awareness Committee to support and contribute to establishing a corporate culture that is committed to information security best practices.
Prepare presentations, informational articles, educational and training materials to promote security awareness.
Assist in facilitating internal and external compliance audits, as needed.
Work with process owners within the business units to perform compliance assessments to determine if systems and controls meet regulatory requirements, industry standards, and best practices and conform to information security policies, procedures, and standards.
Monitor for new compliance regulations, assess the impact to the organization, and work with the impacted IT and business units to ensure compliance.
Gather, prepare and develop security/compliance metrics, KPIs and other reports that may be provided to management, executives and the Board of Directors.
Demonstrate a willingness and ability to continually learn and stay abreast of emerging security threats and evolving security models and responses.
Exhibit a high level of attention to detail with strong planning and organization skills.
Regular and predictable attendance.
Perform other duties as assigned.
Understanding of information security principles, standards and best practices as well as fundamental IT concepts, tools and technologies.
Ability to work cooperatively with technical and non-technical system users and industry vendors.
Possess strong oral and written communication skills with technical writing experience.
Have keen analytical skills with strong problem-solving abilities.
Good listening skills as well as the ability to train and educate others regarding information security.
Strong ethics with a commitment to maintaining confidentiality and integrity.

Preferred

Practical experience in IT audit/compliance or related information security experience preferred.
Insurance industry knowledge/experience beneficial.

Company

ACUITY A MUTUAL INSURANCE COMPANY

community philanthropy

Funding

Current Stage
Late Stage

Recent News

BizTimes - Milwaukee Business News
Company data provided by crunchbase