GRC Specialist

Earnix is a leading provider of advanced pricing and rating solutions tailored for the insurance industry. Our cutting-edge software empowers actuaries and data scientists within insurance companies to make data-driven decisions and optimize pricing strategies. With a commitment to innovation and a deep understanding of the insurance landscape, Earnix is at the forefront of revolutionizing how insurers approach pricing and rating.

We are looking for a GRC specialist who will join our Security and Compliance team to build and manage Earnix governance, risk, and compliance aspects from the ground up.

What you'll do:

• The GRC Specialist identifies and assesses potential information security risks, recommends mitigations, and helps the risk owners drive the implementation of mitigations to reduce the risk to an acceptable level.
• You will manage the process of technical Risk assessments with team members and coworkers.
• Lead the organization-wide compliance program, ensuring activities, processes, and procedures meet defined requirements, policies, and regulations.
• Align with suppliers, and internal teams like IT and application teams to ensure compliance with organizational security requirements.
• Work with internal and external Audit representatives and outside consultants as appropriate on required security assessments and audits.

You’ll do it using:

• At least 2 years of experience in the field of GRC.
• Knowledge of common cyber security and risk management frameworks/ standards/ regulations in the financial industries.
• Solid knowledge of information security principles and practices.
• Excellent communication and presentation skills in English- verbal and written
• Excellent documenting and reporting skills
• Project management and coordination skills
• Knowledge of risk management frameworks and industry best standards (NIST, privacy frameworks, cloud security frameworks, etc.) and experience performing information security audits (e.g., ISO2700x, SOC2, CSA, etc.) - an advantage
• Experience with Third-Party Cyber Risk & Attack Surface management tools (such as Panorays)- an advantage.
• Experience with Security awareness platform- an advantaged
• Experience with compliance platforms (such as Anecdotes) an advantaged
• Familiarity working with AWS cloud environment – an advantage
• Background from a SaaS company – an advantage

You’ll excel by:

• Demonstrate a Can-Do attitude, high professionalism, and a commitment to project success
• Be passionate about problem-solving and on-time delivery
• Communicate efficiently with all relevant stakeholders
• Thinking outside of the box and seeing the bigger picture
• Being Self-motivated and well organized