Position Details

Salary $95K – $119K USD / year

Type Not Specified

Experience senior

Exp. Years 4+ years

Education Bachelor's Degree in Computer Science, Information Systems, Risk Management

Category Cybersecurity

About this role

Senior IT security risk and controls role focused on regulatory compliance and enterprise risk management for Aflac. Responsibilities include identifying security issues, tracking remediation, and collaborating with Legal, Sourcing, and Supplier Managers on standard security provisions.

Key Responsibilities

Identify, interpret, and communicate information security issues related to Aflac systems and third parties
Track and report on the status of issues and remediation plans
Stay current on industry trends and regulatory changes
Meet with business partners on integration points with enterprise processes
Partner with Legal, Sourcing, and Supplier Managers to embed security provisions

Technical Overview

Technical scope includes GRC tooling, ISO 27001/NIST/COBIT frameworks, and IT security controls across enterprise environments. Involves regulatory compliance translation and collaboration with third-party risk management.

Ideal Candidate

The ideal candidate is a senior information security professional with 4+ years of related experience in finance/insurance, strong GRC tooling expertise (Modulo, Archer), and a track record translating regulatory requirements into enterprise-wide risk and compliance programs. They should demonstrate excellent communication skills and the ability to work across LATAM or US teams.

Must-Have Skills

Bachelor's Degree in Computer ScienceInformation SystemsRisk ManagementFour or more years of related work experienceExperience in Financial Services or Insurance industryExperience with IT GRC tools (ModuloArcher)Working knowledge of FFIECGLBAHIPAAand PCI DSSStrong knowledge of information security policiescontrolsand processes

Nice-to-Have Skills

Certified Information Systems Security Professional (CISSP)Certified Information Security Manager (CISM)Certified Information Systems Auditor (CISA)Certified in Risk and Information Systems Control (CRISC)

Tools & Platforms

ModuloArcherMicrosoft Office Suite

Required Skills

Bachelor's degree; four or more years of related work experience; information security policies; controls; processes; FFIEC; GLBA; HIPAA; PCI DSS; IT GRC tools; Modulo; Archer; risk assessment; third party risk management; IT governance; regulatory compliance; incident response

Hard Skills

Microsoft Office SuiteISO 27001:2013COBITNISTFFIECGLBAHIPAAPCI DSSIT GRC toolModuloArcherInformation security policiesSecurity management standardsSecurity controlsRisk assessmentRegulatory complianceThird party risk management

Soft Skills

Excellent written and verbal communications skillsInterpersonal communicationStakeholder managementAbility to articulate security concepts to business usersMultitasking and prioritization

Certifications

Preferred

Industry & Role

Industry Insurance

Job Function Identify and manage information security risks and regulatory compliance across the enterprise, interfacing with business and technology partners.

Role Subtype GRC Analyst

Tech Domains Cybersecurity, Networking / TCP-IP, SQL / PostgreSQL, Linux, Windows Server

Keywords for Your Resume

Sr Info Sec Assessment AnalystSenior Information Security Assessment Analystinformation securitysecurity management standardsISO 27001:2013COBITNISTFFIECGLBAHIPAAPCI DSSIT GRC toolModuloArcherrisk assessmentRegulatory complianceThird party risk managementincident responsecyber security incident responsesecurity controlsinformation security policiesGRCIT GRCregulatory compliance

Deal Breakers

Bachelor's degree required, 4+ years of related experience, Experience in Financial Services or Insurance industry, CISA or other relevant certifications preferred but not required

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile