Director of Risk and Compliance at CCC Information Services
At CCC, it’s all about connectivity we are a provider of innovative cloud, mobile, telematics, hyperscale technologies and services for the automotive, insurance, and collision repair industries. Our solutions and big data insights are delivered through our CCC ONE™ platform, which connects 350+ insurance companies, 24,000+ repair facilities, original equipment manufacturers, hundreds of parts suppliers, and dozens of third-party data and service providers. Our platform, carwise.com , provides access to car-related services for millions of consumers. Auto Injury Solutions Inc., also a CCC company, provides casualty solutions to auto insurers for the handling of first and third-party claims. In short, our collective set of solutions make connected car, vehicle, and accident data actionable, informing decision-making, enhancing productivity, and helping customers deliver faster and better experiences for end consumers.
Job Description Summary
Founded in 1980, CCC Information Services “CCC” is the leading provider of claims management technology for the automotive, insurance, and collision repair industry. CCC’s collision repair and insurance technology, data, and insights enable customers to efficiently manage the claims process by improving communication between property and casualty insurance carriers, repair facilities, part providers, rental car companies, and vehicle owners. Armed with vast amounts of historical data, CCC has access to the most claims information in the industry, connects more insurers to more repairers than anyone else, and has a powerful platform that is pioneering digital solutions to customers nationwide, helping them to make more informed and accurate decisions. Technology innovation is disrupting the automotive and insurance industry, creating an ecosystem that is demanding connections between insurers, manufactures, repairers, and the drivers that count on them every day. For over 30 years, CCC has led the industry in innovative solutions with a goal to get drivers back into their cars as quickly as possible. CCC’s solutions and big data insights are delivered through the powerful CCC One platform, which connect a vast network of 350+ insurance companies, 24,000 repair facilities, OEMS, hundreds of parts suppliers, and dozens of third-party data and service providers. The growth and innovation at CCC is exciting, inspiring, and invigorating. The technology leadership team continues to invest in new solutions and this opportunity represents significant personal and professional growth for the successful candidate
The Director of Risk and Compliance provides a wide range of governance controls and is responsible for the identification, cataloguing, and reporting of risk within the IT enterprise. This position will also serve as the focal point for tracking and communicating internal, regulatory, and customer compliance.
· University degree or equivalent
· Industry certifications such as CISSP, CISA, CISM
· Position requires on-site presence in the Chicago, IL area
· 15 years of experience in the following disciplines:
o Risk management within large, complex IT environments
o Regulatory requirements within the insurance industry
o National and international privacy laws
o Commercial security consulting within governance and policy
o Clear and concise business communication
· Creation of a Risk Management Program in order to identify, classify, catalogue, track, and report risk within CCCIS IT technical environments and associated processes.
· Establish processes and tools to assess risk within business units, IT DevOps, customer support environments; establish incident response risk assessment processes.
· Provide asset owners with consultative risk management advice to assure levels of exposure are acceptable to the organization and associated business units.
· Create a program, consisting pf processes and tools, to identify and catalogue security controls applied to:
o Internal security compliance requirements.
o External (regulatory) compliance requirements.
o National and international privacy requirements.
o Contractual (customer) compliance requirements.
· Create and maintain the library of IT security policies, procedures, guidelines and standards.
· Create metrics and measurements to determine the effectiveness of the risk management and compliance function.
· Provide leadership in managing, mentoring and training team members to support their professional growth and improve their capabilities.