Senior IT Compliance Analyst
R4105 Senior IT Compliance Analyst (Open)
Why join us?
Impact. Join us in reinventing CSAA Insurance Group, a AAA Insurer, and provide solutions across 23 states and the District of Columbia. Work and learn alongside your Team Members at start-up speed and agility to create real and meaningful change.
Recognition. We offer a competitive compensation package including base salary, annual performance bonuses, benefits, and 401(k) Company match with additional discretionary contribution potential.
Lifestyle. We do honorable work, and we live our values: respect, integrity, teamwork, and service.
What you'll do:
IT Governance, Risk and Compliance Group (IT GRC) is responsible for maturing company business processes, specifically within IT, with the goal of laying the foundation for the company's strategy of continuous compliance. You will be the lead for crucial areas like Payment Card Industry (PCI) and NIST Cyber Security Framework compliance testing.
You will serve as control tester and advisor for information security colleagues and owners of business and IT processes and controls. You will review and investigate large-scale and highly complex operational issues, analyze processes and control points, and recommend and work with departments to implement compliance improvement solutions. You will provide consulting leadership for the planning, design, and implementation of compliance remediation models.
What you've done:
Supported planning and execution of Cybersecurity assessment and Compliance engagements, focusing on PCI and NIST CSF, but also including Model Audit Rule (MAR) IT General Controls (ITGC), New York Dept. of Financial Services (NY DFS), various State Departments of Insurance and other regulatory bodies' requirements.
Perform research and provide strategic security advisory as it relates to PCI, NIST CSF, IT General Controls and MAR consulting services for IT and business colleagues, ranging from policy definition to adoption and application.
Determine control maturity, functionality, criticality and recommend manual or automated ways to remediate control gaps or weaknesses. Provide updates to Information Security leadership with documentation about potential issues and status of IT compliance efforts.
Effectively communicate and influence others on the value and need for controls. Develop and coordinate training on process and controls standards to business units that are accountable and responsible for PCI processes and other IT controls.
Monitor the performance of the assigned standards, processes, and controls and perform day-to-day organization, process and technology data collection and analysis, interviews and discovery workshops.
Education, Qualifications and what we'd like to see:
Bachelor's degree in an Information Technology related subject area, Master's degree a plus
Payment Card Industry certification required (PCIP, ISA or QSA)
5+ years' experience in Security and PCI Compliance.
7 years of IT internal controls experience
CISA and/or CISSP certification as well as SOX / MAR experience
Experience in recommending and evaluating compensating controls
Ability to convey complex technical security concepts to a broad audience including executives
Up to 20% travel may be required
CSAA Insurance Group offers many benefits, including:
Medical, dental, vision, disability and life insurance coverage including benefits coverage for domestic partners. Company contributions into a Health Savings Account (HSA).
401(k) plus company matching dollar for dollar up to 6% and a cash balance retirement program.
Company paid employee assistance plan and health support programs.
Award-winning wellness programs including free onsite fitness classes.
Paid bonding leave for birthing and non-birthing parent and paid adoption leave.
Two weeks paid military leave.
Flexible time off, plus ten paid holidays and 24 hours of paid time off to volunteer.
Tuition reimbursement, self-service training, career development and mentorship opportunities.
Be part of a community that works
At CSAA Insurance Group, we take pride in our values-based culture. Helping our employees lead enriched lives and satisfying careers is how we work. Our employees appreciate the integrity and inclusion that is evident throughout our everyday interactions. We respect the diverse range of perspectives, backgrounds and cultures of our teams, and join together when it comes to helping our members, community or one another.
Headquartered in Walnut Creek, California, our community also works in Arizona, Colorado, Nevada, New Jersey and Oklahoma. Learn more about us at CSAA-Insurance.aaa.com/careers
Let's work together
Please submit your application to be considered. We communicate via email, so please check your inbox to ensure you don't miss important updates from us.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
CSAA Insurance Group