IT GRC Lead Analyst

Posted 9 Days Ago
Be an Early Applicant
Westfield Center, OH, USA
Hybrid
Senior level
Insurance
The Role
Lead the design, implementation, and continuous improvement of enterprise IT GRC programs. Conduct technology risk assessments, oversee controls (ITGCs, cybersecurity controls), drive remediation and automation, manage third-party risk, liaise with auditors/regulators, and deliver executive reporting. Mentor team members and influence risk-aware decision-making across the organization.
Summary Generated by Built In

Job Summary:

The IT Governance, Risk, and Compliance (GRC) Lead Analyst serves as a subject matter expert responsible for leading the design, implementation, maturity, and continuous improvement of the organization’s IT governance, risk management, and compliance programs.

This role provides strategic oversight of technology risk and control management, partners with business and technology leaders to ensure alignment with enterprise objectives and drives a proactive risk-aware culture across the organization. The GRC Lead Analyst serves as a trusted advisor to senior leadership, influencing risk-based decision-making and ensuring compliance with regulatory requirements, industry standards, and internal policies.

The ideal candidate possesses deep expertise in governance frameworks, regulatory compliance, IT controls, risk management, audit practices, and cybersecurity governance, along with demonstrated leadership in driving enterprise-wide initiatives and mentoring others.

Applicants must be currently authorized to work in the United States on a full-time basis without employer sponsorship.


Job Responsibilities:

  • Lead the development, execution, and continuous improvement of the enterprise IT Governance, Risk, and Compliance (GRC) program, frameworks, and operating model.
  • Serve as the organization's subject matter expert for IT governance, risk management, compliance, and control oversight.
  • Lead enterprise technology risk assessments and provide risk-based recommendations aligned with business objectives and risk appetite.
  • Drive the maturity of risk management practices through governance enhancements, process optimization, and industry best practices.
  • Oversee compliance with regulatory requirements, industry standards, and internal policies, ensuring effective implementation of controls and monitoring mechanisms.
  • Establish and maintain IT control frameworks, including ITGCs, cybersecurity controls, and key risk indicators (KRIs).
  • Lead control assessments, testing, continuous monitoring, and remediation efforts to strengthen the organization's control environment.
  • Serve as the primary liaison for internal and external audits, regulatory examinations, and issue remediation governance.
  • Lead third-party technology risk management activities, including vendor assessments and ongoing risk oversight.
  • Champion the implementation, optimization, and automation of GRC processes and technologies to improve efficiency and effectiveness.
  • Develop and deliver executive-level reporting, dashboards, and insights on risk, compliance, audit results, and remediation activities.
  • Lead cross-functional GRC initiatives, influence strategic decision-making, and mentor team members to foster a culture of risk awareness and continuous improvement.

Job Qualifications:

  • 7+ years of experience in IT Governance, Risk, and Compliance, Information Security, IT Audit, or related disciplines.
  • Bachelor's degree in Information Technology, Cybersecurity, Information Systems, Risk Management, Business, or related field.

Location
Hybrid defined as three (3) or more days per week in the office.
 

Licenses and Certifications: 

  • CISSP 
  • CISA 
  • CRISC 
  • CISM 
  • CGEIT

Behavioral Competencies:

  • Collaborates
  • Communicates Effectively
  • Customer Focus
  • Decision Quality
  • Nimble Learning

Technical Skills:

  • Insurance Industry Knowledge
  • Regulatory Examinations
  • GRC Platforms
  • Policy Management
  • Compliance Automation Tools
  • IT Risk Assessment
  • Control Design
  • Security Testing

This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.

About Us
Founded in 1848, Westfield is a global leader in property and casualty insurance, delivering superior risk insights and innovative solutions to customers through a diverse portfolio of insurance products. Westfield underwrites commercial, personal, surety, and specialty lines of coverage through a network of leading independent agents and brokers in the United States and specialty products through Lloyd’s of London Syndicate 1200. As a mutual insurance company with more than 3,000 employees, Westfield has revenues in excess of $4 billion and more than $10 billion in assets. 

Skills Required

  • 7+ years of experience in IT Governance, Risk, and Compliance, Information Security, IT Audit, or related disciplines
  • Bachelor's degree in Information Technology, Cybersecurity, Information Systems, Risk Management, Business, or related field
  • CISSP certification
  • CISA certification
  • CRISC certification
  • CISM certification
  • CGEIT certification
  • Authorized to work in the United States full-time without employer sponsorship
  • Hybrid work onsite three (3) or more days per week
  • Experience with GRC platforms, compliance automation tools, and policy management
  • Experience with IT risk assessments, control design, control assessments/testing, and remediation
  • Experience with third-party/vendor technology risk management

Westfield Insurance Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about Westfield Insurance and has not been reviewed or approved by Westfield Insurance.

  • Retirement Support A defined-benefit pension alongside a 401(k) with employer contributions is presented as a standout component and an uncommon combination today. Safe-harbor style 401(k) contributions are referenced, adding reliable long-term value.
  • Leave & Time Off Breadth The package includes PTO, paid holidays, sick time, volunteer time off, and parental/caregiver leave. PTO levels are described as ample with increases over tenure and dedicated volunteer time.
  • Wellbeing & Lifestyle Benefits Wellness incentives and fitness reimbursement are available, with on-site amenities like a fitness center and cafeteria at the home office. Learning resources and recognition programs further support overall wellbeing.

Westfield Insurance Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Westfield Center, Ohio
2,902 Employees

What We Do

Founded in 1848, Westfield is a global leader in property and casualty insurance, delivering superior risk insights and innovative solutions to customers through a diverse portfolio of insurance products. Westfield underwrites commercial, personal, surety, and specialty lines of coverage through a network of leading independent agents and brokers in the United States and specialty products through Lloyd’s of London Syndicate 1200. As a mutual insurance company with more than 3,000 employees, Westfield has revenues in excess of $4 billion and more than $10 billion in assets.

Similar Jobs

Zscaler Logo Zscaler

Account Executive

Cloud • Information Technology • Security • Software • Cybersecurity
Easy Apply
Remote or Hybrid
Ohio, USA
8697 Employees
138K-172K Annually

Xero Logo Xero

Consultant

Cloud • Fintech • Information Technology • Machine Learning • Software
Remote or Hybrid
United States
4500 Employees
103K-129K Annually

CrowdStrike Logo CrowdStrike

Global Events Manager, Registration & Event Tech

Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
Remote or Hybrid
USA
10000 Employees
110K-160K Annually

Circle Logo Circle

Senior Director, Arc - Agentic Commerce Strategy & GTM

Blockchain • Fintech • Payments • Financial Services • Cryptocurrency • Web3
In-Office or Remote
25 Locations
1050 Employees
245K-308K Annually

Similar Companies Hiring

Globe Life Thumbnail
Insurance • Financial Services
McKinney, TX
3000 Employees
MassMutual India Thumbnail
Big Data • Fintech • Information Technology • Insurance • Financial Services
Hyderabad, Telangana
Granted Thumbnail
Mobile • Insurance • Healthtech • Financial Services • Artificial Intelligence
New York, New York
23 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account