IT GRC Analyst (IAM/DLP)
IT GRC Analyst (IAM/DLP)
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
Company Details
Company URL:
Berkley Technology Services (BTS) a member company of W. R. Berkley Corporation has facilities located in Des Moines Iowa and Wilmington Delaware and provides resultsdriven software applications system connectivity and worldclass operational support across the enterprise. Offering an entrepreneurial and innovative culture we enable team members to be on the cutting edge of technology while delivering high quality solutions. Additionally we provide a competitive compensation and benefits package including a casual dress code and flexible work arrangements. BTS is constantly growing and expanding to meet the changing demands of one of the most successful insurance organizations in the world. Visit us at to learn more about BTS and the career opportunities we have available!
Berkley Technology Services: Right Team Right Technology Simple and Secure.
Responsibilities
Berkley Technology Services (BTS) is hiring an IT GRC Analyst (IAM/DLP) reporting to the Director IT Regulatory and Compliance and will be located in either Urbandale IA/Wilmington DE/ Irving TX/ Manassas VA. This is an exciting role for an IT GRC analyst to be part of a global Fortune 400 (W.R. Berkley) Governance Risk and Compliance programs operational activities. This role may be filled at the Sr. Analyst level based on the candidates ability to be a thoughtleader qualified subject matter expert and proven ability to help drive the program and requirements. Working in concert with other Compliance Information Technology Information Security and Business Unit functions the IT GRC Analyst will ensure our overall control environment and corresponding activities/controls are aligned to our policies standards and/or relevant regulations. This role will focus on projects around identify and access management and data protection processes. On our team youll actively engage with technical and compliance/legal teams business units to perform and advance IT GRC operations. To do this youll be handson and help drive processes and procedures with other IT GRC professionals dedicated to the mission and vision of Berkley IT GRC operations.
- Perform process reviews and control assessments around identify and access management and data protection processes including Cloudbased platforms/environments
- Provide governance and compliance direction around identify and access management and data protection operations to ensure adequate alignment to internal policies and regulatory requirements. Provide feedback to ensure appropriate scope/coverage of processes.
- Assist with issues management to ensure items are documented and tracked for remediation with direct involvement by either facilitation of discussions or by being directly involved in the process.
- Familiarity with regulations such as SarbanesOxley (SOX) NY CCR Part 500 Cyber Security Regulation General Data Protection Regulation (GDPR) and/or California Consumer Privacy Act (CCPA).
- Evaluate data sources and use cases for consideration in the improvement and expansion of the Insider Threat and Risk Program.
- Perform data analysis to identify patterns and trends and make recommendations to enhance detective and preventive data protection controls
- Provide insight into the scope and coverage of access reviews to ensure compliance policy and regulatory requirements or to address risks.
- Review processes around user provisioning and deprovisioning rolebased access control (RBAC) and user profiles; and recommend improvements for efficient access reviews and quality of reviews.
Qualifications
- Minimum of 5 years of handson experience within Governance Risk Compliance with an emphasis on control/process/vendor assessments and regulatory compliance.
- College Degree CS IT or related technical discipline
- Experience within the Insurance or Financial industries along with relevant certifications as CISA are preferred.
- Able to demonstrate experience around identity access reporting and reviews access related controls (hires/terms/transfers) and revocation business impact analysis
- Experience with entitlement review platforms such as Sailpoint Stealthbits or Varonis
- Experience with data loss prevention platforms such as Digital Guardian and Purview
- Able to demonstrate experience around data protection controls such as endpoint device protection data classification and data loss prevention procedures.
- Hands on experience with GRC tools such as Archer AuditBoard ProcessUnity OneTrust and ServiceNow etc..
- Proven ability to guide or train others control frameworks and/or control assessments processes using COBIT UCF NIST CIS 18 and ISO 27001
- Extremely detail oriented with excellent organizational and planning skills and equally proficient oral and written communication acumen
Behavioral Core Competencies
- Excellent written and verbal communication skills
- Ability to work collaboratively with crossfunctional teams.
- Detailoriented with strong analytical and problemsolving skills.
- Leadership and communication skills with the ability to inspire and influence crossfunctional teams and senior stakeholders.
The Company is an equal employment opportunity employer.
Required Experience:
IC
Employment Type
Unclear
