Security Risk and Compliance Analyst

Air

This is a Full-time position in Boston, MA posted November 23, 2021.

Company Description

AIR Worldwide (AIR), a Verisk business, provides risk modeling solutions that make individuals, businesses, and society more resilient to extreme events.

In 1987, AIR Worldwide founded the catastrophe modeling industry and today models the risk from natural catastrophes, terrorism, pandemics, casualty catastrophes, and cyber attacks, globally.

Insurance, reinsurance, financial, corporate, and government clients rely on AIR’s advanced science, software, and consulting services for catastrophe risk management, insurance-linked securities, site-specific engineering analyses, and agricultural risk management.

AIR Worldwide is headquartered in Boston with additional offices in North America, Europe, and Asia.

To learn more about AIR, please visit us at: www.air-worldwide.com.

We are proud to be a part of the Verisk family of companies!

At the heart of what we do is help clients manage risk.

Verisk (Nasdaq: VRSK) provides data and insights to our customers in insurance, energy and the financial services markets so they can make faster and more informed decisions.

Our global team uses AI, machine learning, automation, and other emerging technologies to collect and analyze billions of records.

We provide advanced decision-support to prevent credit, lending, and cyber risks.

In addition, we monitor and advise companies on complex global matters such as climate change, catastrophes, and geopolitical issues.

But why we do our work is what sets us apart.

It stems from a commitment to making the world better, safer and stronger.

It’s the reason Verisk is part of the UN Global Compact sustainability initiative.

It’s why we made a commitment to balancing 100 percent of our carbon emissions.

It’s the aim of our “returnship” program for experienced professionals rejoining the workforce after time away.

And, it’s what drives our annual Innovation Day, where we identify our next first-to-market innovations to solve our customers’ problems.

At its core, Verisk uses data to minimize risk and maximize value.

But far bigger is why we do what we do.

At Verisk you can build an exciting career with meaningful work; create positive and lasting impact on business; and find the support, coaching, and training you need to advance your career.

We have received the Great Place to Work® Certification for the fifth consecutive year.

We’ve been recognized by Forbes as a World’s Best Employer and a Best Employer for Women, testaments to our culture of engagement and the value we place on an inclusive and diverse workforce.

Verisk’s Statement on Racial Equity and Diversity supports our commitment to these values and affecting positive and lasting change in the communities where we live and work.

Job Description

We are seeking a Security Risk Compliance Analyst to join our Operations team based in Boston, Massachusetts.

You will be responsible for supporting our mission-critical compliance and privacy work which includes assisting with internal policy compliance initiatives and addressing security and privacy questions on behalf of our clients.

The successful candidate should have knowledge and experience of information security frameworks and related compliance issues and have the flexibility to adapt to evolving requirements in the security and regulatory landscape.

About the Day to Day Responsibilities of the Role
Assist with security assessments and audits.
Monitor and report on the implementation of enterprise information security and privacy controls.
Respond to customer/business partner security inquiries and assist with remediating findings in a timely manner.
Serve as a company representative for prospects, customers, and partners regarding security questionnaires, assessments, and audits.
Operationalize policies and procedures to ensure effective risk mitigation and regulatory compliance while balancing operating efficiency.
Keep abreast of updates to regulations, frameworks, and client requirements (including GDPR, CCPA, NIST, HIPAA, and state regulations).
Understand emerging threats that warrant additional controls.
Liaise with technical and business owners to implement necessary changes.
Provide security communication, awareness, and training for staff.
Promote a culture of risk management and compliance throughout all levels.
Develop & maintain a repository of reference documents concerning information security requirements and strategies applicable across the organization.
Assist with Third-Party Risk Management (TPRM) activities; conduct due diligence assessments of prospective vendors and perform periodic reviews of third-party vendor environments; identify current vulnerabilities for vendor utilized environments and/or applications; provide feedback to business leaders and risk owners.

Qualifications
Working knowledge of information security/privacy standards and best practices (e.g. NIST, SANS) as well as regulations related to information security and data confidentiality (e.g. CCPA, GDPR, HIPAA, etc.)
General understanding of infrastructure architecture including WANs, LANs, Internet, intranets, cloud computing, databases, and communication protocols
Demonstrated ability to operationalize enterprise-wide data security/privacy standards and policies, taking account of business constraints
Experience reviewing and monitoring client and vendor contracts for appropriate data security/privacy considerations
Proficiency with Microsoft Word, Excel and PowerPoint
Strong organizational skills
Ability to work collaboratively across multiple diverse departments
Strong written and verbal communication skills
Bachelor’s degree in a technology-related discipline
3+ years of information systems security or related auditing experience

Additional Information

Verisk Analytics is an equal opportunity employer.

All members of the Verisk Analytics family of companies are equal opportunity employers.

We consider all qualified applicants for employment without regard to race, religion, color, national origin, citizenship, sex, gender identity and/or expression, sexual orientation, veteran’s status, age or disability.

http://www.verisk.com/careers.html

Unsolicited resumes sent to Verisk, including unsolicited resumes sent to a Verisk business mailing address, fax machine or email address, or directly to Verisk employees, will be considered Verisk property.

Verisk will NOT pay a fee for any placement resulting from the receipt of an unsolicited resume.

Consumer Privacy Notice

Effective November 15, 2021, and subject to applicable law, all prospective hires for this position will be required to demonstrate that they are fully vaccinated against COVID-19 by their start date, or qualify for a legally-required medical or religious accommodation to this vaccination requirement, as a condition of employment.

Hired candidates who do not demonstrate that they are fully vaccinated against COVID-19 by their start date, and who have not been approved for a legally-required medical or religious accommodation will no longer meet the requirements for employment and their offers of employment will be immediately rescinded, in accordance with applicable law.