Information Security Compliance Analyst

Holmes Murphy InsuranceWest Des Moines, IA
Onsite

About The Position

We are looking to add an Information Security Compliance Analyst II to join our Information Security team in West Des Moines, Iowa. Offering a forward-thinking, innovative, and vibrant company culture, along with the opportunity to share your unique potential, there really is no place like Holmes! The purpose of this position is to support the information security program, including initiatives related to strategy, policies, standards, risk management, awareness, and training. This role will also support the enhancement of the Enterprise’s overall governance program.

Requirements

  • Strong understanding and application of privacy policies, compliance standards and regulations such as NIST, HIPAA, NYDFS or GLBA.
  • Solid knowledge of GRC tools such as Apptega, Archer, etc.
  • Broad technical knowledge of network, cloud, and application security.
  • Ability to conduct internal and external risk assessments and identify various types of risks, such as operational, cybersecurity, regulatory, and reputational risks, and recognize the implications of these risks on the organization.
  • Proficient with mapping and analyzing workflows to identify points of inefficiency, risk, or non-compliance.
  • Strong understanding of SDLC and experience in compliance integration.
  • Ability to analyze complex issues and implement effective solutions.
  • Experience using automation tools within the work environment.
  • Ability and willingness to consistently participate in internal and external educational opportunities to enhance knowledge of current insurance topics or relevant system improvements.
  • Ability to be available for work on a daily basis and extended hours as necessary.
  • Must be knowledgeable of and comply with HMA's Client Privacy Policy, HIPAA regulations and E&O procedures and policies.
  • Associate’s or Bachelor’s degree in cybersecurity, technology, information systems, or related area or an equivalent combination of education, training, and experience.
  • 3-5 years of relevant experience in Information Security, compliance, governance, or other security-related fields.

Nice To Haves

  • Relevant certifications preferred.
  • Ability and willingness to pursue relevant designations and/or continuing education, as appropriate.

Responsibilities

  • Conduct comprehensive risk assessments and provide detailed reports on findings and required mitigations.
  • Lead the development and maintenance of policies, ensuring they address regulatory requirements.
  • Oversee implementation of risk mitigation controls, risk management, and conduct follow-up audits.
  • Manage vendor risk assessments, working with third parties to address any gaps.
  • Review contractual agreements against compliance standards and in alignment with HMA contractual requirements.
  • Develop and present compliance metrics and reports to senior management and auditors.
  • Mentor junior analysts and oversee documentation quality.
  • Take the lead on special compliance projects, ensuring alignment with strategic goals.
  • Assist with the annual SOC2 audit and other audits or assessments as appropriate.

Benefits

  • health, dental and vision
  • Paid Parental Leave and supportive New Parent Benefits
  • Company paid continuing Education & Tuition Reimbursement
  • 401k Profit Sharing
  • Generous time off practices in addition to paid holidays
  • Supportive of community efforts with paid Volunteer time off and employee matching gifts to charities that are important to you
  • Inclusion & Belonging Programs
  • Consistent merit increase and promotion opportunities
  • Discretionary bonus opportunity
  • Health Matters Day
  • Celebrate Day (for your birthday!)
  • Diversity Day
  • Volunteer Time Off
  • paid parental leave
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service