IT Audit Security Specialist (GRC) at Clearcover
Our Value Proposition:
Clearcover is a venture-backed technology start-up disrupting the trillion-dollar legacy insurance market. We’ve focused on building products that create confident, happy customers - and we’re flourishing. We believe in putting our people first, paying them well and working together to solve tough problems. If you’d like a high-growth opportunity with an award-winning company, let’s chat.
What is a GRC Specialist focused on IT Audit?
The Governance, Risk, Compliance (GRC) Specialist focused on IT Audit will lead IT GRC audit activities at Clearcover and partner with the Legal and Compliance teams on a regular basis. This role will contribute to Clearcover’s compliance and process improvement efforts through the execution of the annual Internal Audit Plan with a specific focus on information technology areas. The GRC Specialist will have a strong command of internal control concepts, including Sarbanes-Oxley (SOX), NIST 800-53 framework, and other applicable regulations, as well as experience assessing the design, implementation, and operating effectiveness of controls within an agile, risk-based internal control environment.
What will you do?
- Assist in the planning and execution of the annual ITGC SOX audit program
- Conduct internal audits and control assessments
- Prepare risk assessments to detail the risk and control structure of the audited area, business function, or process
- Conduct risk assessments of third party vendors
- Liaise with Clearcover management and external auditors on audit evidence requests, follow-ups, findings, and proposed solutions
- Provide technical guidance in the assessment, design and implementation of IT control requirements.
- Ensure timely remediation by process owners on prior regulatory and/or internal audit issues through validation procedures
- Design and build metrics and dashboards to track audit results.
What do you need?
- Strong experience working in IT Audit
- Solid understanding of industry regulations, standards, and frameworks such as:
  - NIST 800-53
  - NIST CSF
  - NIST RMF
  - ISO 27001
  - CIS Controls & Benchmarks
  - Sarbanes-Oxley
  - SOC 1, 2
- Experience leading and executing risk-based, IT-focused internal audits and risk and control assessments, leveraging IT governance and control frameworks
- Ability to identify issues and provide actionable recommendations
- Experience with evaluating the effectiveness and use of both technical and non-technical security and IT controls.
- Strong oral, written, reporting and presentation skills.
Nice to haves?
- Insurance industry experience.
- Experience working for a cloud-native company.
- Experience with enterprise GRC solutions.
- Working knowledge of IT infrastructure, including, but not limited to, operating systems, networking, storage, communication protocols, and vulnerability management.
But wait, there’s more:
As a people-first company, your health and well-being are a priority at Clearcover. While we do offer medical (and cover the vast majority of the premium), dental, vision (and cover 100% of those premiums) and 401K (we contribute 3% even if you contribute nothing), we’ve curated a stack of perks and benefits that stretch beyond the expected. With over half of our employees remote to the Chicago HQ office, we paved the way for flexible work locations and continue to offer this flexibility. Our people also have access to unlimited vacation, monthly mental health workshops, discounted gym memberships, equity in the company and an annual bonus program. Plus, if Clearcover is available in your state, you could have access to an employee discount on auto insurance! Excited to learn more? Complete the application below!
Clearcover is an Equal Opportunity Employer (EOE) that welcomes and encourages all applicants to apply regardless of age, race, color, religion, sex, sexual orientation, gender identity and/or expression, national origin, disability, veteran status, marital or parental status, ancestry, citizenship status, pregnancy or other reasons prohibited by law.