Senior Risk & Compliance Analyst

HUB International•Chicago, IL

1d•$95,000 - $110,000

About The Position

At HUB International, we are a team of entrepreneurs. We believe in protecting and supporting the aspirations of individuals, families, and businesses. We help our clients evaluate their risks and develop solutions tailored to their needs. We believe in empowering our employees to learn, grow, and make a difference. Our structure enables our teams to maintain their own unique, regional culture while leveraging support and resources from our corporate centers of excellence. HUB is a global insurance and employee benefits broker, providing a boundaryless array of business insurance, employee benefits, risk services, personal insurance, retirement, and private wealth management products and services. With over $5 billion in revenue and almost 20,000 employees in 600 offices throughout North America, HUB has grown substantially, in part due to our industry leading success in mergers and acquisitions This position supports the growth of the Compliance and Governance business unit within Information Security by being responsible for supporting development, monitoring and maintenance of an Enterprise Risk Program designed to ensure that the Company achieves optimum compliance with all regulatory requirements. The Governance, Risk and Compliance Analyst will be part customer/client facing and part internal governance maturing the Audit, Compliance and security controls within the organization.

Requirements

Minimum BA/BS or equivalent work experience in audit, security assurance, management information systems or a related field preferred.
Process expertise in GRC areas is necessary (e.g. risk management, compliance & regulation, controls automation, continuous controls monitoring and security).
Experience with audit preparation or equivalent education desired
Understanding of IT environments, risk, and assessment and auditing methodologies
Have a strong working knowledge of some or all of ISO27001, SSAE16/18, Information security standards, GDPR, ITIL, cyber essentials.
Ability to lead and manage projects across multiple teams or groups (strong planning, organization and project management skills)
Intellectual curiosity and analytical skills in areas of high complexity; sound judgment in resolving matters of high complexity
Ability to prioritize assigned work and complete activities in a timely manner
Ability to work independently and in a team environment
Proficiency with Word, Excel, PowerPoint, SharePoint, Visio and Outlook
Willingness to travel up to 10% of working time.

Responsibilities

Manage, maintain and improve the compliance management of internal controls to meet internal and external compliance SOC2 and ISO 27001 security requirements.
Work directly with regional business owners to complete and respond to customer/client due diligence questionnaires.
Assist in the preparation and review of annual narratives for each HUB region.
Capture information from the regions in order to create documentation of the region’s key operational and/or compliance processes, risks, and controls
Develop and manage tools to support tracking departmental activities and reporting metrics, such as RFPs, customer due diligence activities, and regulatory requests.
Evaluate the design and test the operating effectiveness of key controls identified and provide control enhancement recommendations as appropriate
Assist with tracking audit exceptions for all audits performed.
Contribute to other risk management activities, which may include exception monitoring and tracking, vendor viability assessments, and other special projects as needed