Cybersecurity GRC Analyst

Western National Group & Umialik Insurance
Edina, MN
$66,300 - $114,290
Hybrid

About The Position

Western National is seeking a Cybersecurity GRC Analyst to join their team. The individual in this role will have the opportunity to strengthen the organization’s information security program by supporting regulatory compliance, managing third-party security risk, advancing security framework maturity, leading security awareness initiatives, and delivering meaningful security metrics that enable informed business decisions.

Requirements

  • Two-plus years of experience in governance, risk, and compliance (GRC); compliance; cybersecurity; or security awareness roles.
  • Strong understanding of security and regulatory frameworks, such as NIST CSF, CIS Controls, COBIT, and similar standards.
  • Experience supporting regulatory audits, evidence collection, or third-party compliance assessments.
  • Experience conducting vendor security risk assessments and documenting remediation activities.
  • Strong understanding of governance, risk, and compliance concepts.
  • Excellent organizational, written, verbal, and interpersonal communication skills.
  • Proficient use of Microsoft Office applications, including Excel, PowerPoint, and Word.
  • Ability to analyze information, identify trends, and communicate recommendations effectively.
  • Bachelor's degree in communications, business, or a related field or equivalent relevant experience.

Nice To Haves

  • Experience using governance, risk, and compliance platforms, such as Drata, Vanta, OneTrust, or Archer.
  • Knowledge of state insurance regulations and compliance reporting requirements.
  • Experience developing or leading security awareness and phishing simulation programs.
  • Experience supporting vendor management or third-party security review processes.
  • Experience developing executive dashboards and security performance reporting.
  • Professional certifications, such as CompTIA Security+, CISA, CRISC, or other governance, risk, and compliance-related credentials.
  • Experience within the insurance, financial services, or healthcare industry.

Responsibilities

  • Supports insurance-related regulatory compliance by maintaining audit-ready documentation and coordinating timely and accurate regulatory filings across multiple states.
  • Partners with vendor management, legal, and business stakeholders to integrate security requirements throughout the vendor lifecycle.
  • Performs security risk assessments of third-party vendors and service providers and tracks remediation activities.
  • Maintains the vendor risk register and monitors progress toward risk mitigation objectives.
  • Serves as the Information Security Team's primary point of contact for state insurance departments, auditors, and compliance-related inquiries.
  • Designs, coordinates, and executes the organization's security awareness training program.
  • Develops targeted awareness campaigns focused on phishing, social engineering, and secure behaviors across the organization.
  • Creates and distributes security awareness communications, including newsletters, alerts, and announcements.
  • Tracks training participation, measures program effectiveness, and recommends continuous improvements.
  • Maps existing security controls to recognized frameworks, such as NIST Cybersecurity Framework (CSF), CIS Controls, and NYDFS requirements.
  • Conducts security framework gap assessments and develops recommendations to improve organizational maturity.
  • Supports evidence collection for internal audits, regulatory reviews, and annual maturity assessments.
  • Defines, tracks, and reports key risk indicators (KRIs) and key performance indicators (KPIs) for the information security program.
  • Develops dashboards and reports that provide leadership visibility into security compliance, awareness, incident response, and program performance.
  • Assists information security leadership with executive reporting and board presentation materials.
  • Exercises sound judgment when identifying compliance gaps, prioritizing work, and escalating security risks.
  • Recommends process improvements that strengthen governance, documentation, compliance activities, and security awareness efforts.
  • Consistently acts according to our customer experience standards, including responding quickly, maintaining a positive attitude, building rapport, demonstrating empathy, managing the customer's expectations, using the proper communication channel for the situation, and taking ownership to ensure the customer's issue is resolved.
  • Performs special projects and other duties as assigned.

Benefits

  • Medical insurance plan options
  • Dental insurance
  • Vision benefits
  • Life insurance
  • Disability insurance
  • Health Savings Accounts (HSA)
  • Flexible Spending Accounts (FSA)
  • 401(k) Plan (participants are eligible for 100% matching on the first 6% of their contributions)
  • Wellbeing Program, including onsite fitness studio
  • Paid Time Off – including holiday, vacation, and volunteer
  • 100% company-paid tuition reimbursement for approved job-relevant coursework
  • Access to The Institutes (Risk and insurance education)
  • Paid parental leave
  • Bonus opportunities