Information Security GRC Analyst at Root
The Information Security team at Root strives to manage information security risk within the organization while enabling transformative technologists to do their cutting-edge work. As an Information Security GRC Analyst, you’ll be joining a team dedicated to securing Root, having an opportunity to influence how we mature our policies, procedures, and governance programs to manage risk and address regulatory requirements appropriately.
The ideal candidate is technically sound and brings strong communication and problem-solving skills. Experience with information security frameworks and standards as well as risk management processes is a must. This position provides a unique opportunity to work in a rapidly growing, inclusive environment and to assist the organization in finding the right balance between team-level objectives and the implementation of the information security framework.
What you'll be doing.
- Support the creation and maintenance of an Information Security Control Framework.
- Perform analysis of the Information Security control environment to monitor effectiveness and identify gaps.
- Collaborate with teams across the organization to identify appropriate risk remediation activities and track remediation to completion.
- Assist in the documentation of Information Security policies and standards.
- Manage exceptions to Information Security policy/standard requirements.
- Perform control evaluation to determine the effectiveness of critical information security controls.
- Monitor and report on key metrics related to the control environment.
- Execute Information Security Risk Management activities.
What we're looking for.
- Experience executing information security risk management activities, including risk assessment, response, and monitoring processes
- A sound understanding of information security control frameworks, standards, and regulations
- Experience designing and evaluating controls to reduce information security risk
- Problem-solving skills and attention to detail
- Experience developing reports and metrics, including data analysis and data visualization
- Experience and enthusiasm for working with users with different skill levels and backgrounds; naturally collaborative
At Root, we judge people based on the merit of their work, not who they are. Very few (if any!) people will fit every description; so if you are passionate about what this role entails, and are excited by solving real problems, we encourage you to apply; we want to learn about you, and what you can add to our team!
Who we are. Root Insurance is the nation’s first licensed insurance carrier powered entirely by mobile. We were founded on the belief that the services you need for everyday life should serve you better. That’s why we base insurance coverages on you, not your demographic. It’s the way insurance should be. And it’s all conveniently in an app.
What draws people to Root. Our early success is in large part due to our unwavering standards in hiring. We recognize that our product is only as good as the people building and promoting it. We look for individuals who find solutions by going through the cycle of ideation to implementation with curiosity, rigor, and a highly analytical lens. Ask anyone who works here and you’ll hear similar reasons for why they joined:
Autonomy. For assertive self-starters, the opportunities to contribute are limitless.
Impact. By challenging the way it’s always been done, we solve problems that have a big impact on our business.
Collaboration. We encourage rich discussion and civil debate at every turn.
People. We are inspired by the collection of crazy-smart people around us