Duck Creek Technologies

Analyst - Governance Risk and Compliance

PayCompetitive
LocationRemote
Employment typeFull-Time

This job is now closed

Apply to similar jobs

  • Job Description

      Req#: REQID54080

      Helping careers take flight. Reshaping an industry. Enable your career to be Made on Duck Creek.

      WHAT WE ARE ABOUT:

      Duck Creek Technologies is the intelligent solutions provider defining the future of the property and casualty (P&C) and general insurance industry. We are the platform upon which modern insurance systems are built, enabling the industry to capitalize on the power of the cloud to run agile, intelligent, and evergreen operations. Our modern SaaS solutions help insurers set a new standard and revolutionize how consumers interact with insurance companies.

      Authenticity, purpose, and transparency are core to Duck Creek, and we believe insurance should be there for individuals and businesses when, where, and how they need it most. Our market-leading solutions are available on a standalone basis or as a full suite, and all are available via Duck Creek OnDemand. With more than 1,000 successful implementations to date, Duck Creek removes the IT burden for insurers so they can focus on the business of insurance.

      We have a flock of more than 1,800 employees across the globe and are proud to be a Flexible-First employer. We empower our employees with the choice to work from an office, from home, or on a hybrid schedule. Our flexible-first environment fosters productivity, inclusion, collaboration, and ensures a consistent employee experience regardless of location.

      If working in a fast-paced, rapidly evolving company that is transforming one of the world’s oldest and largest industries sounds exciting, let us know. We are excited you are considering Duck Creek as a future employer and hope you decide to join “The Flock”!

      To learn more about us, visit www.duckcreek.com and follow us on our social channels for the latest information – LinkedIn and Twitter .

      TITLE: Governance Risk and Compliance Analyst

      WHAT YOU’LL DO:

      • Responsible for the day-to-day operations of the InfoSec governance, risk, and compliance function, working with established InfoSec frameworks, standards, and policies
      • Support the continuous maturity and evolution of the Information Security and Privacy Program by challenging current approaches and proactively identifying improvement opportunities to drive assessment, monitoring, and response effectiveness and efficiency
      • Assist in drafting, implementing, and revising policies, procedures, and standards periodically to address changes in the operating environment
      • Assist in maintaining the documentation, prioritization, and tracking of items such as the risk register, identified vulnerabilities, exceptions, and major security improvements to DCT’s InfoSec Program.
      • Develop and maintain collaboration with Engineering, Corporate IT, Legal, HR, Internal Audit and Product Team Members
      • Perform analysis on regulatory changes, or organization changes, that may impact our Information Security requirements
      • Assists with managing customer due diligence questionnaires, requests for proposals, or general inquiries regarding the Information Security program and in assessing third party vendors
      • Support Internal and External Audits of the DCT Information Security Program (i.e. SOC1, SOC2, and ISO 27001)
      • Manage the GRC tool used to track Risks, Controls, and gaps.

      WHAT YOU’VE DONE:

      • Degree preferred or equivalent years of practical job experience in a similar function or role
      • 1-2 years experience in information security risk, information security audit, information security, or equivalent audit or risk management role or any combination of education and experience that would provide an equivalent background
      • Working knowledge of information security and technology risk
      • Ability to independently execute non-complex tasks with limited guidance and complex tasks with manager oversight and guidance
      • Knowledge of the industry’s standards and regulations, specifically SOC 1, SOC 2, ISO 27001, GDPR and APRA, PCI, CCPA
      • Knowledge of standards and framework such as CIS Critical Security Controls v8, ISO, and NIST
      • Understanding of concepts related to information security domains such as Cloud Security, Third-Party Risk Management, Identity and Access Management, Data Security, Vulnerability and Patch Management, Malware Defenses, etc.
      • Effective interpersonal skills with the ability to develop solid working relationships with others
      • Able to meet deadlines and handle multiple priorities
      • Ability to succeed in a team environment or work as an individual contributor.

      WHAT ADDITIONAL INFORMATION YOU MAY WANT TO KNOW:

      • Work Authorization: Legally authorized to work in the country of the job location
      • Location: Remote

      WHAT WE STAND FOR:

      Our global company celebrates & leverages the differences each employee brings to the table. Our success is a direct result of an inclusive culture where opportunities to learn from one another occur regardless of title, seniority, or background. This collaborative and team-oriented approach is at the core of how we operate and continuously improve our products, services, and systems. As such, Duck Creek is committed to providing equal opportunity to all employees and applicants – to recruit, hire, train, and reward employees for their individual abilities, achievements, and experience without regard to race, color, gender, religion, sexual orientation, age, national origin, disability, marital, military, or any other protected status.

      We strive to be an example to the world of inclusion, diversity, and equity in all things – where employees are free to be their authentic selves in the workplace and in the communities in which we live. We believe in leading by example and are proud of the diversity of our team and our shared commitment to our Core Values: We Prioritize Respect; We Listen; We Care; We Add Value; and We Lead.

      To learn more about our inclusive company culture, values, DE&I initiatives, and people, please visit: https://www.duckcreek.com/life-at-duck-creek/ .

      Please let us know if you encounter accessibility barriers with our web content by sending an email to accessibility@duckcreek.com .

      Duck Creek Technologies does not accept, nor will we pay a fee for any hires resulting from unsolicited headhunter or agency resumes.

      #LI-HS

      #LI-Remote

  • About the company

      Duck Creek Technologies is a leading provider of comprehensive P&C insurance software and services for insurers of all sizes worldwide.

Notice

Talentify is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.

Talentify provides reasonable accommodations to qualified applicants with disabilities, including disabled veterans. Request assistance at accessibility@talentify.io or 407-000-0000.

Federal law requires every new hire to complete Form I-9 and present proof of identity and U.S. work eligibility.

An Automated Employment Decision Tool (AEDT) will score your job-related skills and responses. Bias-audit & data-use details: www.talentify.io/bias-audit-report. NYC applicants may request an alternative process or accommodation at aedt@talentify.io or 407-000-0000.

Other job opportunities

remote senior security compliance analyst
data governance jobs remote
remote compliance jobs
remote credit risk management careers pittsburgh
third party risk management jobs remote
More information about Duck Creek Technologies