IT Compliance Analyst III

As a leading provider of insurance and reinsurance with worldwide operations and employees in Bermuda, U.S., U.K., Continental Europe and Asia, we recognize that our success is derived directly from those who matter the most: our people. At Sompo International, our values of integrity, collaboration, agility, execution and excellence underpin our culture and our commitment to providing an employee experience that attracts and engages the best talent in the industry. As we continue to grow, we strive to find diverse, innovative and driven professionals to join our teams and offer a broad range of career and development opportunities at all levels, in multiple business areas, in each of our locations throughout the world. Our compensation and benefits programs are market driven and competitive, with excellent family friendly policies and flexible working provisions.

Job Description

Are you looking for your next opportunity?

Sompo has a unique opportunity for an IT Compliance Analyst III to join our Information Technology team.

Our IT Compliance Team is engaged in multiple facets of governance, risk, and compliance activities associated with IT controls. As an IT Compliance Analyst III, you'll be responsible for defining, preparing, analyzing, and submitting regulatory and compliance artifacts that demonstrate controls are in place and working as designed. You'll support our IT functions related to SOX and internal audits, vendor management, identity and access management, IT governance, and Legal/HR matters to ensure the company meets regulatory requirements.

Location: This position will be based out of our Morristown, NJ, Charlotte, NC, Purchase, NY, Conshohocken, PA, Mount Juliet, TN, or Boston, MA office. We strive for collaboration which is why we offer a work environment where our employees thrive and develop long lasting careers.

Our business, your impact, our opportunity

What you'll be doing

• Define and implement IT General Controls (ITGC), processes, procedures, and improvement initiatives supporting the IT organization

• Plan, implement, coordinate, and execute IT audit plans and policies, standard operations procedures and controls including testing for adherence with established controls and reporting possible deficiencies

• Provides oversight and management of audit finding remediation, tracking progress, and providing status and updates

• Serve as point of contact to work with company's internal & external auditors for compliance with regulatory (SOX, Privacy, etc.) requirements and internal control standards, serving as central point of data gathering

• Partner with and manage 3rd party vendors so that controls are in place, effective, and auditable, including evaluating SOC1/2 reports for compliance with IT General Controls

• Review IT policies and procedures documentation, artifact collection, audit-readiness assessment

• Communicate governance & compliance objectives, fostering a compliance & risk aware culture

• Works with business units and with other risk functions to identify security requirements, using methods that may include risk and business impact assessments

• Execute special projects and assignments within the department, as needed

What you'll bring

• 5 + years of experience in Financial Services IT regulatory and SOX compliance reporting, IT General Controls, internal IT Assessment and Risk Mitigation, data analysis, or a similar compliance role within the insurance industry

• Strong analytical skills, attention to detail, organizational and time-management skills

• Proficiency in data analysis tools and software (e.g., Excel, SQL, reporting software)

• Attention to deliverables with accuracy and efficiency; strong business acumen, including responding and articulating processes and issues related to IT controls

• Experience working with internal and external auditors

• Ability to identify and provide solutions to mitigate potential IT related risks

• Goal-oriented with the ability to multi-task under pressure in fast-paced environments with deadlines

• Ability to effectively communicate information and ideas

• Preferred knowledge and experience in at least one the area of industry standard frameworks such as COBIT, ISO, ITIL, or NIST

• Certified Risk and Information System Control (CRISC), Certified in the Governance of Enterprise IT (CGEIT), CISSP, CISA, CISM or GIAC certifications is a plus

Salary Range: $70,000 - $100,000 Actual compensation for this role will depend on several factors including the cost of living associated with your work location, your qualifications, skills, competencies, and relevant experience.

At Sompo, we recognize that the talent, skills, and commitment of our employees drive our success. This is why we offer competitive, high-quality compensation and benefit programs to eligible employees.

Our compensation program is built on a foundation that promotes a pay-for-performance culture, resulting in higher incentive awards, on average, when the Company does well and lower incentive awards when the Company underperforms. The total compensation opportunity for all regular, full-time employees is a combination of base salary and incentives that gets adjusted upfront based on overall Company performance with final awards based on individual performance.

We continuously evaluate and update our benefit programs to ensure that our plans remain competitive and meet the needs of our employees and their dependents. Below is a summary of our current comprehensive U.S. benefit programs:

• Two medical plans to choose from, including a Traditional PPO & a Consumer Driven Health Plan with a Health Savings account providing a competitive employer contribution

• Pharmacy benefits with mail order options

• Dental benefits including orthodontia benefits for adults and children

• Vision benefits

• Health Care & Dependent Care Flexible Spending Accounts

• Company-paid Life & AD&D benefits, including the option to purchase Supplemental life coverage for employee, spouse & children

• Company-paid Disability benefits with very competitive salary continuation payments

• 401(k) Retirement Savings Plan with competitive employer contributions

• Competitive paid-time-off programs, including company-paid holidays

• Competitive Parental Leave Benefits & Adoption Assistance program

• Employee Assistance Program

• Tax-Free Commuter Benefit

• Tuition Reimbursement & Professional Qualification benefits

In today's world, what do we stand for?

Ethics and integrity are the foundation of delivering on our commitment to you. We believe that core values drive success, and that when relationships are held in the highest regard, there is nothing that cannot be accomplished. At Sompo, our ring is more than a logo, it is a symbol of our promise. Click here to learn more about life at Sompo.

Sompo is an equal opportunity employer and we intentionally value inclusion and diversity. Above all, we want you to work in an environment that respects everyone's unique contributions - we are passionately committed to equal opportunities. We do not discriminate based on race, color, religion, sex orientation, national origin, or age.