At Asurint, we’re building a leading information-based technology company in Cleveland, Ohio. Asurint is on a mission to help our customers succeed by bringing innovation, flexibility and personal ownership to background screening – all while addressing the changing regulatory landscape. We measure our efforts by the success our customers enjoy and the positive onboarding experience of their employees. We are succeeding because they succeed.
As a member of the Enterprise Security organization within Asurint, the Senior Security Business Analyst will play a key role in contributing to our overall security program by partnering with all internal organizations to help drive continuous improvement. The successful candidate will need to demonstrate their expertise in all GRC domains as well as be able to lead and grow a program in line with the strategy and objectives of the overall Enterprise Security organization. The position will contribute in leading the administration and ongoing security governance, risk and compliance program within the enterprise security and privacy organization to ensure the proper controls are implemented to address the risks to Asurint and its customers. They will also be responsible for developing, maintaining and ensuring the overall governance and compliance to contractual, regulatory, industry and legal requirements and regulations that are or will be applicable to Asurint. This position will work with a wide variety of levels and people from multiple business units, bringing them together to manifest controls that reflect workable solutions as well as proactive response to current and future business and security requirements.
- Adds value as a key member of enterprise security; understands the business, financials, industry, clients, and strategy.
- Designs, enhances, leads and oversees the implementation of the overall Security GRC program.
- Leads the security customer compliance function and interfaces with customers to ensure Asurint meets regulatory and contractual obligations as well as customer expectations.
- Provides strong leadership, mentoring and guidance to members of the enterprise security team as well as others within Asurint.
- Develops and maintains the governance and compliance models regarding multiple regulatory and contractual requirements and obligations applicable to Asurint.
- Contributes in leading the SOC2 program within Asurint as well as liaisons with legal, finance, and other departments to ensure security and IT controls are implemented, effective, repeatable and continuously improved upon throughout Asurint.
- Recommends and oversees the implementation of secure and compliant solutions in order to meet government and industry current and future requirements.
- Develops, tracks and leads the overall security risk program to ensure risks to Asurint are known, understood, mitigated and/or managed.
- Maintains relationships with internal and external customers to ensure Asurint meets contractual requirements and customer expectations while maintaining a collaborative environment.
- Contributes in managing vendors and outside service providers effectively; sets expectations and holds them accountable.
- Provides support to ensure internal controls and processes are implemented and documented to provide compliance with regulatory and certification obligations.
- Conducts independent internal audits and escalates findings and concerns as appropriate.
- Partners with all internal business units to improve risk and governance processes, facilitate issue resolution, and to improve the overall risk posture of the Asurint.
- Develops and recommends risk mitigation and remediation strategies and coordinates the implementation of those strategies.
- Assists other Information Security personnel with identifying, assessing, reporting, and monitoring both existing and emerging risks.
- Leads initiative to educate Asurint employees via the Security Education & Awareness program.
- Other duties as required.
- Experience leading at the functional level is preferred.
- Strong project management and/or continuous improvement skills are required.
- Experience with information systems or technology audit frameworks is required.
- Experience with the legal/court system as well as background screening is preferred.
- Experience with the various security solutions and systems is preferred.
- Proficiency in MS Office [Outlook, Excel, Word] or similar software is required. Relevant business management systems such as general ledger, HRIS, CRM, etc. is required.
- Education: Bachelor’s degree in Computer Science, Information Technology, Information Security, or a related field is required. Master’s degree is preferred.
- Certifications or licensure: Certified Information Systems Auditor (CISA), Certified Fraud Examiner (CFE), Certified Internal Auditor (CIA), Certified Public Accountant (CPA), Certified Information System Security Professional (CISSP) is preferred.
- Worked with multiple regulatory requirements including PCI-DSS, SOX, FCRA, Dodd-Frank, GLBA, etc. is required.
- Understanding around technical elements regarding security is preferred.
- Prior experience dealing with regulations and compliance aspects required.
- Prior project lead experience handling large and complex engagements and offerings is required.
- Years of relevant experience within security, internal audit, risk management or related field: 5 to 7 years is required.
- The work environment involves everyday risks or discomforts that require normal safety precautions typical of offices, which includes the need for general safe workplace practices with office equipment and computers, avoidance of trips and falls, and observance of fire regulations.
- The noise level in the work environment is usually quiet to moderate.
- This position is performed in an office setting although off-site meetings in various settings occur.
- The schedule is generally normal business hours although there is a requirement to perform work, attend meetings and events before or after normal workings hours, and occasionally on weekends and evenings.
- Some travel by personal automobile and a valid drivers’ license is required. Occasional overnight travel is required.
- Lift light objects [less than 20 pounds] and carry them short distances [20 feet or less].
In exchange for your unique abilities, perspectives & teamwork, ASURINT offers an excellent benefit package which includes:
- Competitive salary
- Medical/Dental & Vision effective first day of employment
- Paid Time Off & eight company paid holidays
- Free gym in building
- Learning and Development programs
- Short & Long-Term Disability
- Flexible Spending Accounts
- Business Casual Attire
- Employee Referral Bonus
*Asurint is an equal opportunity employer. All applicants will be considered for employment without regard to race, color, religion, age, sex, national origin, disability status, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.