Senior Governance, Risk & IT Compliance Analyst (Remote)

<strong>AF Group (Lansing, Mich.) and its subsidiaries are a premier provider of innovative insurance solutions. Insurance policies may be issued by any of the following companies within AF Group: Accident Fund Insurance Company of America, Accident Fund National Insurance Company, Accident Fund General Insurance Company, United Wisconsin Insurance Company, Third Coast Insurance Company, or CompWest Insurance Company.</strong>

United States, USA

AF Group

<p class="p1"><strong>AF Group&rsquo;s focused and passionate team uses industry-leading best practices, analytics and resources to manage risk and minimize loss for our policyholders while strengthening businesses with our valued independent agent partners.</strong></p> <p class="p1"><strong>We strive to continuously increase the long-term value of our organization by outperforming our industry peers and fostering a culture of underwriting and claims excellence.</strong></p>

keywords: job description,work environment,compliance,strategy,continuous improvement,planning,leadership,other duties,education,experience,knowledge,communication,problem solving,customer service,policy,skills


Competitive Compensation and Benefits Package

Overview: <br /> <p><strong>Leveraging more than 100 years of experience and an &ldquo;A&rdquo; (Excellent) rating from A.M. Best, AF Group (Lansing, Mich.) is collectively one of the nation&rsquo;s largest writers of specialty insurance.</strong></p> <p><strong>Working at AF Group is more than a job. It is a career at one of the most dynamic, innovative, and successful insurance companies in the nation. In fact, we&rsquo;ve been named a Best Place to Work in Insurance by Business Insurance magazine for a decade.</strong></p> <p><strong>With career opportunities available in many disciplines at locations across the country, we&rsquo;re always looking to grow our exceptional workforce.</strong></p> <p>&nbsp;&nbsp;</p> <p>This position coordinates activities for the creation, implementation, and execution of strategies and programs designed to reduce and mitigate information security risk across the enterprise. The role supports enterprise-wide information security and assurance functions, ensuring that confidentiality, integrity, and availability requirements of information systems and assets are identified and managed appropriately within an insurance provider eco-system.<br /><br /></p> <p><strong>WORKING CONDITIONS:</strong></p> <p>Work is performed in an office setting with no unusual hazards. Minimal travel required.</p>
Responsibilities: <br /> <ul> <li>Responsible for identifying risks through a practical but comprehensive evaluation process.</li> <li>Responsible for improving the content, quality, and timing of governance, risk and compliance analysis, and reporting.</li> <li>Responsible for implementation of a proactive approach to risk management.</li> <li>Accountable to control the growth of governance, risk, and compliance-related expenses.</li> <li>Responsible to direct and establish a timely and consistent approach to assess and improve compliance programs across the business.</li> <li>Responsible for establishing an enterprise-wide view of gaps and improve risk response strategies.</li> <li>Responsible for streamlining compliance programs across the enterprise to gain efficiencies and improve effectiveness.</li> <li><a target="_blank">Responsible for establishing consistent policies and standards across the enterprise to enforce ownership and accountability.</a></li> <li><a target="_blank">Leverages technology to aggregate controls, risk, and compliance information to rapidly identify and report exceptions.</a></li> <li>Responsible for conducting Operational Risk Assessments and Compliance Reviews.</li> <li>Responsible for conducting and directing ERM assessments.</li> <li><a target="_blank">Conducts business unit self-assessments and reporting package development.</a></li> <li>Leads and directs&nbsp;<a target="_blank">engagements involving Operational Risk and ERM, emphasizing assisting businesses with the assessment and improvement of their risk management processes and program.</a></li> <li>Directs businesses with understanding regulatory compliance requirements and developing solutions to meet these requirements.</li> <li><a target="_blank">Provides vision, leadership, planning, project coordination, and management for the development of a cost-effective department while concurrently facilitating efficient operations to meet current and future business needs within the organization.</a></li> <li>Responsible for strategy, operations, and management in several functional areas in order to have a broad understanding of risk and compliance management.&nbsp;</li> <li>Represents company in community and industry, programs, and conferences.</li> <li>Upon request, functions as the department head in the absence of the executive leader.</li> <li><a target="_blank">Participates in the development of programs as a strategic partner that supports the company plan.</a></li> <li>Participates in development of annual departmental budget, monitor budget, and identify budget discrepancies. Researches cause and make recommendations.</li> <li>Responsible for balancing workload to optimize the effectiveness of the department.</li> </ul>
Requirements: <br /> <p><strong>EDUCATION OR EQUIVALENT EXPERIENCE:</strong></p> <ul> <li>Bachelor&rsquo;s degree in computer science or related field. &nbsp;</li> <li>Relevant combination of education and experience may be considered in lieu of degree.&nbsp;</li> <li>Continuous learning, as defined by the Company&rsquo;s learning philosophy, is required.&nbsp;</li> <li>Certification or progress toward certification is required.</li> </ul> <br /> <p><strong>EXPERIENCE:</strong></p> <ul> <li>Seven years of experience leading information risk, security and governance teams, transforming functions, and changing culture.</li> <li>Experience with leading the response to incidents, crises, and investigations with sensitivity, tenacity, and a focus on detail.</li> <li>Extensive experience in information security architecture, consultative stakeholder management, and strategic planning.</li> <li>Experience with classified networks, information classification, and confidentiality requirements associated with high-security environments.</li> <li>Two years demonstrated leadership in information security program management required.</li> </ul> <br /> <p><strong>SKILLS/KNOWLEDGE/ABILITIES (SKA) REQUIRED:</strong></p> <ul> <li>Ability to utilize industry standards and best practices to assess, advise, design, and/or recommend complex, enterprise-wide, regulatory compliance, risk management, and/or internal audit organization structures, policies and procedures, methodologies, toolkits, and templates.</li> <li>Ability to perform the following as it relates to Governance, Risk Management, and Compliance strategy, organization, policy, and governance: program evaluation, risk assessment, controls identification and testing, state/federal regulatory audits, industry-specific regulatory compliance such as Model audit Rule (MAR).</li> <li>Ability to identify and address client needs: actively participating in client discussions and meetings; managing engagements including preparing concise, accurate documents and balancing project management with the occurrence of unanticipated issues.</li> <li>Understanding of the enterprise information security architecture discipline, processes, concepts, and best practices.</li> <li>Demonstrated consultative approach to driving change and deploying controls.</li> <li>Knowledge of technological trends and developments in information security and risk management.</li> <li>Knowledge of information security and risk control frameworks as well as business continuity and IT disaster recovery frameworks.</li> <li>Ability to quickly grasp how new technologies work and how they might be applied to achieve business goals.</li> <li>Demonstrated ability to work effectively with a team, delivering high performance and customer satisfaction, in a culturally diverse, matrix management environment.</li> <li>Strong facilitation skills and a clear ability to build strong relationships with business stakeholders at all levels, including executive managers and vendors.</li> <li>Strong, proven problem-solving skills and the ability to identify, analyze, and resolve problems, driving solutions through to completion.&nbsp;</li> <li>Ability to work with and empower others on a collaborative basis to ensure success of unit team.</li> <li>Ability to effectively exchange information, in verbal or written form, by sharing ideas, reporting facts and other information, responding to questions, and employing active listening techniques.</li> <li>Ability to effectively present budgetary and/or cost information and respond to questions.</li> </ul>