Old Republic Specialty Insurance Group · 19 hours ago
GRC Security Analyst
United States
Full-time
Remote
Entry, Mid Level
2+ years expOld Republic Specialty Insurance Group is a leading specialty insurer providing tailored solutions in underwriting and risk management services. The GRC Security Analyst plays a vital role in supporting the effectiveness of the enterprise security program by assisting with governance, risk, and compliance activities, including risk assessments and policy management.
Financial ServicesInsuranceProfessional Services
Hiring Manager
Shelby Ford, SHRM-CP
Responsibilities
Carry out assigned GRC tasks with attention to detail, ensuring work products meet established security standards and documentation requirements
Contribute to centralized and hybrid GRC service delivery efforts, ensuring consistent execution and documentation across Subsidiary Operating Centers (SOC)
Assist in assessment of controls, mitigation planning, and ORI, SOC, and vendor risk assessments
Help develop, update, and maintain security policies, standards, and procedures by performing research, drafting content, and incorporating stakeholder feedback
Participate in the development and maintenance of training and awareness campaigns
Assist in the coordination of internal and external audits, including evidence collection and issue tracking
Support to the development of risk metrics and dashboards to monitor control effectiveness and program maturity
Participate in cybersecurity strategy discussions by providing research, summarizing findings, and completing project-related tasks under guidance from senior team members
Use security tools and platforms to help internal customers solve problems and work securely, with oversight and guidance
Communicate effectively with team members and stakeholders to support operational and project-based security initiatives
Qualification
Required
Bachelor's degree in Information Security, Risk Management, Business Administration, or a related field. In lieu of a degree, candidates with equivalent practical experience and demonstrated expertise in cybersecurity, GRC, or related disciplines will be considered
2 – 4 years experience in GRC, cybersecurity, or risk management
Basic understanding of regulatory frameworks (e.g., SOX, HIPAA, GDPR, etc.)
Ability to work under moderate supervision and take direction from senior team members
Strong communication and collaboration skills, with the ability to engage with technical and non technical stakeholders
Preferred
Experience in GRC, cybersecurity, or IT risk roles within a large or complex organization
Experience working with GRC platforms (e.g., Archer, ServiceNow GRC)
Familiarity with regulatory and compliance frameworks such as: 23 NYCRR 500, NIST Cybersecurity Framework, ISO/IEC 27001, SOX, HIPAA, GDPR, or other industry-specific regulations
Professional certifications such as: CompTIA Security+, Certified Governance, Risk, and Compliance (CGRC), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP)
Company
Old Republic Specialty Insurance Group
Old Republic Specialty Insurance Group is the largest business segment within Old Republic International Corporation (NYSE: ORI) and specializes in the property and casualty marketplace.
10001+ employees
Funding
Current Stage
Late StageLeadership Team
Sam Matthis
Chief Operating Officer - Old Republic Allied Management Company
Michael Baumel
Chief Claim Officer
Recent News
2024-12-05
Company data provided by crunchbase