70% - Compliance Support

• Conduct regular assessments to ensure compliance with cybersecurity regulations, standards, and industry best practices.
• Support the development of policies, procedures, and controls to address cybersecurity compliance requirements.
• Coordinate and participate in internal and external audits related to IT security compliance.
• Identify and assess risks to information assets and recommend mitigation strategies to address compliance gaps.
• Collaborate with IT and business stakeholders to implement security controls and remediate compliance issues.
• Monitor changes in regulations and standards to ensure ongoing compliance and recommend updates to policies and procedures as necessary.
• Prepare and maintain documentation, reports, and evidence of compliance activities for audit purposes.
• Provide guidance and training to staff on cybersecurity policies, procedures, and compliance requirements.
• Assist with incident response activities and investigations related to cybersecurity compliance issues.

30% - Support and maintain systems and processes related to security and compliance functions.

• Participate in audit activities, client audits, state DOI exams, RFP/due diligence reviews, internal audits
• Participate in all audit activities relating to SSAE-18 SOC 1 & 2 and SOX 404 IT audits ensuring work and deliverables in accordance with agreed upon timeframes and departmental procedures, standards, and protocols
• Partners cross-functionally, inter-departmentally and with the internal and external auditors to understand the process from an end-to-end perspective and appropriately and effectively communicates with these partners to understand the status for the corporation as a whole
• Ensures frequent communication of test and/or audit results and analysis on a timely basis to the appropriate stakeholders and senior management within the audit department
• Responsible for staying current on regulatory rules and changes within the industry, with specific focus on SSAE-18 SOC 1 & 2, SOX 404 and communicating industry/professional changes/ developments to the audit department
• Participates in meetings with business unit to discuss test and/or audit scoping, testing progress and results
• Educate Assurant management and staff regarding risks and controls pertaining to security-related concepts, compliance and audit requirements.
• Evaluate, test and plan implementation of new or improved controls to keep Assurant current with industry standards and compliance requirements
• Collaboration with other Assurant (i.e. IAS, Privacy, IT Legal) and industry groups on IT compliance-related issues and concerns
• Recognize trends in security and compliance and emerging risks; making recommendations regarding policy/procedure updates to enable proactive security approach for Assurant

Manage, support and maintain security and compliance systems

At Assurant, we celebrate the differences that make us who we are. By assembling extraordinary teams from a variety of races, religions, sexual orientations, gender identities, ages, experiences, and abilities, we’re able to better reflect the global communities where we live and work. By working to remove barriers, we ensure equity for everyone. The pursuit of inclusion rests with each of us. Because it’s only by listening to and representing the unique voices of every individual that we can innovate for all.

For further information about Assurant, please visit our website: https://www.assurant.com/