UFG Insurance is seeking an IT Internal Controls Analyst to assist in the design and oversight of a robust IT control framework and providing risk and control advisory support for the SOX framework and occasional support for operational internal audits. The ideal candidate has a background in IT risk identification, control design, and process optimization within the P&C insurance or financial services industries. This individual will assist in fostering a culture of strong governance, IT risk management, and continuous improvement across the organization.
Essential Duties & Responsibilities:
- Serve as a subject matter expert on IT internal controls, providing guidance and education to IT and business partners
- Assist in the testing of the IT SOX controls, including IT general controls (ITGCs), automated controls (ITACs), and key report testing
- Lead walkthroughs of key business processes and underlying technology, collaborating with IT and business process owners to design effective and efficient controls
- Create and maintain detailed IT SOX documentation, including IT process flowcharts, risk and control matrices, and testing workpapers
- Conduct IT risk assessments to identify, evaluate, and prioritize technology-related risks to financial reporting and business operations
- Evaluate IT control deficiencies to understand root cause and impact and work with process and control owners to develop and track effective remediation plans
- Evaluate controls and processes for opportunities to leverage automation and new technologies, reducing manual effort and improving control effectiveness
- Assist in the execution of the audit plan, including the performance of risk assessments and coordination of internal audit testing
- Serve as a liaison for external auditors and support documentation requests
Job Specifications:
Education:
- Bachelor's degree in management information systems, computer science, accounting or a related field.
Certifications/Designations:
- Certified Information Systems Auditor (CISA), Certified Public Accountant (CPA), or Certified Internal Auditor (CIA) is strongly preferred.
Experience:
- 1-3 years of experience in IT audit, IT internal controls, or public accounting with a focus on technology, preferably within the insurance or financial services industry.
- Experience supporting a SOX compliance program, including participation in IT risk assessments, control design, and documentation.
- Experience with testing automated controls and key reports is a plus.
- Experience in a public company environment is a plus.
Knowledge, Skills, & Abilities:
- Strong knowledge of the Sarbanes-Oxley Act, COSO framework, and US GAAP as they relate to IT controls.
- Exceptional analytical skills with the ability to identify, analyze, and interpret complex IT and business processes and risks.
- Proven ability to drive IT process improvements and implement automated control solutions.
- Excellent communication skills, both written and oral, with the ability to effectively present complex IT risk information to all levels of the organization.
- Strong leadership, interpersonal, and collaborative skills to influence change across IT and business teams.
- Strong understanding of cyber security and information security frameworks (e.g., NIST, COBIT).
Pay Transparency Statement
UFG Insurance is committed to fair and equitable compensation practices. The base salary range for this position is $71,598 - $94,396 annually, which represents the typical range for new hires in this role. Individual pay within this range will be determined based on a variety of factors, including relevant experience, education, certifications, skills, internal equity, geography and market data.
In addition to base salary, UFG Insurance offers a comprehensive total rewards package that includes:
- Annual incentive compensation
- Medical, dental, vision & life insurance
- Accident, critical Illness & short-term disability insurance
- Retirement plans with employer contributions
- Generous time-off program
- Programs designed to support the employee well-being and financial security.
This pay range disclosure is provided in accordance with applicable state and local pay transparency laws.
Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
Skills Required
- Bachelor's degree in management information systems, computer science, accounting or related field
- 1-3 years of experience in IT audit, IT internal controls, or public accounting with technology focus
- Experience supporting a SOX compliance program including IT risk assessments, control design, and documentation
- Experience testing IT general controls (ITGCs), automated controls (ITACs), and key report testing
- Strong knowledge of the Sarbanes-Oxley Act (SOX), COSO framework, and US GAAP as they relate to IT controls
- Strong understanding of cybersecurity and information security frameworks (e.g., NIST, COBIT)
- Ability to create and maintain IT SOX documentation, process flowcharts, risk and control matrices, and testing workpapers
- Excellent written and oral communication, leadership, interpersonal, and collaborative skills
- CISA, CPA, or CIA certification
- Experience testing automated controls and key reports
- Experience in the insurance or financial services industry and public company environments
What We Do
Founded in 1946 as United Fire & Casualty Company, UFG Insurance (Nasdaq: UFCS) is engaged in the business of writing property and casualty insurance through its insurance company subsidiaries. Headquartered in Cedar Rapids, Iowa, UFG is licensed as a property and casualty insurer in 50 states, plus the District of Columbia, and is represented by approximately 1,000 independent agencies. A.M. Best Company assigns a financial strength rating of “A-” (Excellent) for the members of United Fire & Casualty Group, with a stable outlook, reflecting long-term balance sheet strength.








