Sr. IT GRC Analyst

Berkley • Irving • 2w ago

Company Details

Company URL: https://www.berkleytechnologyservices.com/

Berkley Technology Services (BTS), a member company of W. R. Berkley Corporation, has facilities located in Des Moines, Iowa and Wilmington, Delaware and provides results-driven software applications, system connectivity, and world-class operational support across the enterprise. Offering an entrepreneurial and innovative culture, we enable team members to be on the cutting edge of technology while delivering high quality solutions. Additionally, we provide a competitive compensation and benefits package including a casual dress code and flexible work arrangements. BTS is constantly growing and expanding to meet the changing demands of one of the most successful insurance organizations in the world. Visit us at https://berkley-bts.com to learn more about BTS and the career opportunities we have available!

Berkley Technology Services: Right Team, Right Technology, Simple and Secure.

Responsibilities

Berkley Technology Services (BTS) is hiring an Sr. IT GRC Analyst reporting to the Director, IT Regulatory and Compliance and will be located in either Urbandale, Iowa, Wilmington, Delaware, Iriving, Texas, Manassas, Virginia or remote may be available for the right candidate. This is an exciting role for a SR. IT GRC analyst to be part of a global Fortune 400 (W.R. Berkley) Governance Risk and Compliance program’s operational activities. Working in concert with other Compliance, Information Technology, Information Security, and Business Unit functions, the Sr. IT GRC Analyst will ensure our overall control environment and corresponding activities/controls are aligned to our policies, standards and/or relevant regulations. This role will focus on control assessments, from both a design and operating effectiveness perspective, against processes, applications/systems, infrastructure, etc. to ensure compliance. The Sr. IT GRC Analyst will document control assessments and other reviews by gathering evidence and documentation of workpapers. Additionally, this role will have input into risk assessments and issue documentation/tracking to support the full lifecycle of GRC operations. On our team, you’ll actively engage with technical and compliance/legal teams, business units to perform and advance IT GRC operations. To do this, you’ll be hands-on and help drive processes and procedures with other IT GRC professionals dedicated to the mission and vision of Berkley IT GRC operations.

Perform reviews of internal IT and Security controls by performing control and risk assessments of processes, procedures, system configurations, etc. to document control effectiveness from both a design and operating effectiveness perspective.
Document IT and Security controls testing results and/or findings, including the gathering and organizing of documentation or evidence collected.
Manage and/or coordinate issues and findings across all compliance related activities are documented and tracked for remediation, with direct involvement by either facilitation of discussions, or by being directly involved in the process.
Assist and/or lead on external audits to facilitate the process of gathering any requested information and/or documentation.
Help create GRC metrics and reports for Senior Leadership

Qualifications

Industry certifications (e.g., CISA, CISSP, CRISC, PMP, SCM) are a plus.
Proven track record of at least 5-8 years of progressive experience in IT Audit, Information Security and/or GRC, with core responsibilities focused on IT Governance, IT Controls testing, Finding remediation and IT Risk Assessments.
Familiarity with compliance frameworks such as NIST, ISO 27001, SOC2, and regulatory requirements (e.g., NYDFS, CCPA/GDPR, SOX).
Hands on experience with GRC products such as Archer, AuditBoard, OneTrust and ServiceNow etc...
Familiarity with Unified Control Framework and experience in maintaining and updating frameworks and/or control assessments processes in GRC tools.
Proficiency with presentation tools such as PowerPoint and data analysis tools (e.g., Excel, Power BI, Tableau) and experience in translating complex data into actionable insights, including automated monitoring.
Demonstrated ability to thrive in a fast-paced, dynamic environment, managing competing priorities and driving results through collaboration and teamwork.
Bachelor's degree in Information Security, Business Administration, Computer Science, or a related field. Advanced degree (e.g., MBA, MS) preferred
Ability to travel up to 20% of the time.

Behavioral Core Competencies

Excellent written and verbal communication skills
Ability to work collaboratively with cross-functional teams.
Detail-oriented with strong analytical and problem-solving skills.
Leadership and communication skills, with the ability to inspire and influence cross-functional teams and senior stakeholders.

The Company is an equal employment opportunity employer.