Manager, Information Security Risk

About Acrisure

A global fintech leader, Acrisure empowers millions of ambitious businesses and individuals with the right solutions to grow boldly forward. Bringing cutting-edge technology and top-tier human support together, we connect clients with customized solutions across a range of insurance, reinsurance, payroll, benefits, cybersecurity, mortgage services - and more.

In the last eleven years, Acrisure has grown in revenue from $38 million to almost $5 billion and employs over 19,000 colleagues in more than 20 countries. Our culture is defined by our entrepreneurial spirit and all that comes with it: innovation, client centricity and an indomitable will to win.

Responsibilities:

• As the Information Security Risk Manager, you will become an integral part of our dynamic Governance, Risk, and Compliance (GRC) team dedicated to safeguarding the organization. Your primary responsibility is to lead the third-party risk assessment program while also providing support in managing SOC2 assessments, conducting policy reviews, and evaluating the impact of regulatory changes. You will guide a talented team focused on securing Acrisure's information in an ever-changing landscape. Moreover, you will benefit from collaborating with and learning from experienced information security experts who are specialists in their respective areas.

• Provide leadership and direction for the entire third-party risk assessment program, overseeing risk assessment strategies and ensuring alignment with organizational objectives and priorities.

• Develop and maintain strong relationships with key stakeholders, including senior leadership, business units, legal, compliance, and IT teams, to facilitate smooth third-party risk management processes.

• Stay abreast of relevant regulatory requirements, industry standards, and best practices to ensure the program remains compliant with all applicable laws and regulations.

• Conduct comprehensive third party risk assessments, analyzing security policies, procedures, controls, and compliance with regulatory requirements. Perform in-depth technical assessments of third-party solutions, evaluating compatibility with our network infrastructure and data handling practices.

• Collaborate and build relationships with different business partners and provide guidance regarding program requirements on the onboarding and management of third-parties.

• Assist with the compilation and reconciliation of third-party reporting data for internal reports.

• Drive ongoing enhancements to the third-party risk assessment program, identifying areas for improvement and implementing effective solutions.

This description is not meant to be all-inclusive and may be modified from time to time at the discretion of management.

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Requirements

• A seasoned professional with 5+ years of progressive experience in IT security

• Proven expertise in managing timelines and deliverables effectively.

• Strong leadership skills with the ability to inspire and guide a team of security professionals.

• Excellent communication and interpersonal skills, with the ability to engage effectively with all levels of the organization and external partners.

• Able to work independently and enjoy a high degree of interaction with team members

• Ability to contribute to a collaborative environment by consistently demonstrating teamwork, high motivation, positive behavior and effort to achieve goals and objectives

• Self-motivated and driven

• Maintain a sense of urgency and ability to work with and meet deadlines

• Demonstrate effective written and verbal communication, including the ability actively listen, and problem solve with minimal assistance

• Demonstrates excellent time management and prioritization skills

• Attention to detail and commitment to a high level of accuracy

• The ability to multi task, prioritize, work independently, and use discretion surrounding sensitive information

• Ability to maintain a professional demeanor and positive attitude

Candidates should be comfortable with an on-site presence to support collaboration, team leadership, and cross-functional partnership.

Benefits and Perks:

• Competitive compensation

• Flexible vacation policy and paid holidays, plus paid sick time off

• Medical Insurance, Dental Insurance, Vision Insurance, Disability insurance (short-term and long-term), Pet Insurance

• Employee-paid supplemental insurance options

• Company-paid group life insurance

• Employee Assistance Program (EAP) and Calm App subscription

• Vested 401(k) with company match and financial wellness programs

• FSA, HSA and commuter benefits options

• Paid maternity leave, paid paternity leave, and fertility benefits

• Career growth and learning

• …and so much more!

Not reflective of all benefits. Enrollment waiting periods or eligibility criteria may apply to certain benefits. Benefit details and offerings may vary for subsidiary entities or in specific geographic locations

Making a lasting impact on the communities it serves, Acrisure has pledged more than $22 million through its partnerships with Corewell Health Helen DeVos Children's Hospital in Grand Rapids, Michigan, UPMC Children's Hospital in Pittsburgh, Pennsylvania and Blythedale Children's Hospital in Valhalla, New York.

Welcome, your new opportunity awaits you.

#LI-Onsite

Acrisure is committed to employing a diverse workforce. All applicants will be considered for employment without attention to race, color, religion, age, sex, sexual orientation, gender identity, national origin, veteran, or disability status. California residents can learn more about our privacy practices for applicants by visiting the Acrisure California Applicant Privacy Policy available at www.Acrisure.com/privacy/caapplicant.

To Executive Search Firms & Staffing Agencies: Acrisure does not accept unsolicited resumes from any agencies that have not signed a mutual service agreement. All unsolicited resumes will be considered Acrisure's property, and Acrisure will not be obligated to pay a referral fee. This includes resumes submitted directly to Hiring Managers without contacting Acrisure's Human Resources Talent Department.