70% - Compliance Support
- Conduct regular assessments to ensure compliance with cybersecurity regulations, standards, and industry best practices.
- Support the development of policies, procedures, and controls to address cybersecurity compliance requirements.
- Coordinate and participate in internal and external audits related to IT security compliance.
- Identify and assess risks to information assets and recommend mitigation strategies to address compliance gaps.
- Collaborate with IT and business stakeholders to implement security controls and remediate compliance issues.
- Monitor changes in regulations and standards to ensure ongoing compliance and recommend updates to policies and procedures as necessary.
- Prepare and maintain documentation, reports, and evidence of compliance activities for audit purposes.
- Provide guidance and training to staff on cybersecurity policies, procedures, and compliance requirements.
- Assist with incident response activities and investigations related to cybersecurity compliance issues.
30% - Support and maintain systems and processes related to security and compliance functions.
- Participate in audit activities, client audits, state DOI exams, RFP / due diligence reviews, and internal audits.
- Participate in all audit activities relating to SSAE-18 SOC 1 & 2 and SOX 404 IT audits, ensuring work and deliverables are in accordance with agreed-upon timeframes and departmental procedures, standards, and protocols.
- Partners cross-functionally, inter-departmentally and with the internal and external auditors to understand the process from an end-to-end perspective and appropriately and effectively communicates with these partners to understand the status for the corporation as a whole
- Ensures frequent communication of test and / or audit results and analysis on a timely basis to the appropriate stakeholders and senior management within the audit department
- Responsible for staying current on regulatory rules and changes within the industry, with specific focus on SSAE-18 SOC 1 & 2, SOX 404 and communicating industry / professional changes / developments to the audit department
- Participates in meetings with business unit to discuss test and / or audit scoping, testing progress and results
- Educate Assurant management and staff regarding risks and controls pertaining to security-related concepts, compliance and audit requirements.
- Evaluate, test and plan implementation of new or improved controls to keep Assurant current with industry standards and compliance requirements
- Collaborate with other Assurant groups (i.e. IAS, Privacy, IT Legal) and industry groups on IT compliance-related issues and concerns.
- Recognize trends in security and compliance and emerging risks, and make recommendations regarding policy / procedure updates to enable a proactive security approach for Assurant.
- Manage, support and maintain security and compliance systems.