GRC (Governance, Risk, and Compliance) Analyst
YipitDataSalary not specified
Full Time
Entry Level & New Grad
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Insurance, Financial ServicesIndustries
Requirements
- Bachelor's degree in a relevant field, with a strong background in IAM, including program, audits, assessment, remediation or security compliance management
- Working knowledge of at least one of the following technologies preferred: SailPoint, CyberArk, Okta
- Advanced knowledge of information systems auditing, controlling, monitoring and assessments
- Demonstrated ability to assess process design, define control points and identify appropriate evidence to support control effectiveness
- Act in a project manager capacity to collect status on open issues from issue owners, summarize/consolidate updates, and share with internal partners
- Identify opportunities to streamline and automate testing procedures, driving operational efficiency and continuous improvement
- Excellent problem-solving skills with the ability to assess risks, solve complex (often ambiguous problems) and recommend remediations
- Develop and maintain control procedure templates and playbooks to serve as a foundation for audits and assessments
- Self-starter who takes ownership of their work and can work both independently as well as collaboratively in a fast-paced regulatory environment
- Strong attention to detail and a critical, analytical mindset
- Certifications (CISSP, CISA, CISM, CRISC) are a plus
- Proven track record of delivering compliance-driven IAM projects, analyzing IAM processes and controls, or auditing IAM controls
Responsibilities
- Point of contact for internal and external audit partners as it relates to IAM controls (e.g., user access and identity lifecycle, privileged access management, authentication)
- Maintain comprehensive knowledge of IAM domains’ requirements within relevant frameworks and regulations (e.g., SOX, SOC1, ISO 27001, NIST, PCI DSS, DORA, US DOJ Executive Orders) and demonstrate the ability to interpret and integrate new regulatory requirements into AIG’s control environment
- Assist in developing and maintaining IAM policies, standards, and procedures ensuring alignment with applicable regulatory requirements and leading IAM practices
- Assist in conducting regular self-assessments, including establishing automated continuous monitoring, of the organization’s IAM control environment to identify and proactively remediate any unmitigated risks or inefficiencies
- Identify and evaluate complex business and technology risks as it relates to IAM and relay opportunities for risk mitigation via automation/process transformation
- Stay current with IAM industry trends and best practices, including the use of AI and automation to strengthen control compliance monitoring
- Partner with control owners and subject-matter experts within the Identity and Access Management (IAM) team to ensure that AIG remains compliant with its IAM obligations and requirements
- Lead engagement with internal and external stakeholders, ensuring the collection, validation, and delivery of relevant information that demonstrates the strength and effectiveness of AIG’s IAM controls
Skills
IAM
Governance
Controls
SOX
SOC1
ISO 27001
NIST
PCI DSS
DORA
Privileged Access Management
User Access Management
Authentication
Auditing
AIG
Global insurance provider for individuals and businesses
About AIG
AIG provides a variety of insurance products and services aimed at individuals, families, and businesses. Their offerings include life insurance, retirement planning, and commercial insurance, which help clients manage risk and protect their assets. AIG operates by underwriting insurance policies and managing risk, while also investing the premiums collected to generate income. This company stands out from competitors by not only focusing on traditional insurance but also emphasizing cybersecurity and data protection to keep clients' information safe. AIG's goal is to help clients achieve financial security and peace of mind through comprehensive insurance solutions.
New York City, New YorkHeadquarters
1919Year Founded
IPOCompany Stage
Cybersecurity, Financial ServicesIndustries
10,001+Employees
Benefits
Health, dental, & vision coverage
Flexible Spending Accounts (FSA)
401(k)
PTO
Commuter Expense Reimbursement Account
Risks
Sale of personal travel business may reduce AIG's market presence in travel insurance.
Expansion in Atlanta could pose financial risks if expected growth does not materialize.
Deconsolidation of Corebridge Financial might lead to loss of synergies and increased costs.
Differentiation
AIG offers a wide range of insurance products globally, serving diverse client needs.
Corebridge Financial, a subsidiary, enhances AIG's offerings in retirement planning and financial futures.
AIG emphasizes cybersecurity and data protection, ensuring clients' information remains secure.
Upsides
AI adoption in underwriting and claims processing enhances efficiency and reduces costs for AIG.
InsurTech partnerships offer AIG opportunities to enhance digital capabilities and drive innovation.
Telematics and usage-based insurance allow AIG to offer personalized and flexible products.
Related Jobs
RemoteRemoteIAM Engineer (Remote)
CrowdstrikeSalary not specified
RemoteIT Engineer
ChainguardSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Risk Analyst - Enterprise Risk Management
DeelSalary not specified
- Full Time
- Senior (5 to 8 years)
RemotePlacement Specialist, IAS National Private Risk Management
Foundation Risk PartnersSalary not specified
- Full Time
- Junior (1 to 2 years)
RemoteAdvisory Solutions Consultant - Healthcare
SailPointSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Enterprise Risk Management Specialist
Spring HealthSalary not specified