AVP IT Risk & Compliance at CNA

| Chicago, IL
Sorry, this job was removed at 7:19 p.m. (CST) on Tuesday, October 12, 2021
Find out who's hiring in Nationwide.
See all Operations jobs in Nationwide
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Job Summary
Officer position responsible for the IT Governance, Risk & Compliance function, and its interfaces with other functional areas across CNA. This role will lead the Governance, Risk and Compliance team, providing leadership and hands on guidance for all information security risk assurance activities across the enterprise, including first line of defense controls monitoring and testing. This position also acts as the Security liaison with IT operations and development teams for ongoing compliance initiatives. Serves as a Trusted Advisor to the business and technology stakeholders across the enterprise to partner on security, compliance and technical privacy improvements, manage risk of security exceptions, and stay aligned on common goals. As a leader within the Corporate Security Group, participates in the development and execution of strategy, and the identification and implementation of innovative controls to manage risk while enabling business performance.
Essential Duties & Responsibilities
Performs a combination of duties in accordance with departmental guidelines:
  1. Leads, directs, and has full management accountability for the performance and development of all IT Governance, Risk and Compliance staff in Information Security, including but not limited to IT Risk Management, IT Security Controls, Vendor Risk Management (shared), IT Compliance, Issues Management, Policies and Standards, Training and Awareness, Customer Compliance Inquiry, Security Advisory and Metrics and Reporting (KRI/KPI management) and managing a risk register.
  2. Establishes IT Risk and Compliance strategies and guides the execution and implementation of the strategies. Also provides significant input into the future strategy of Information Security at CNA.
  3. Actively works to identify, assess, and monitor emerging risks, evaluates associated vulnerabilities and threats, and provides mitigations strategies to protect the organization. Provides support, as required, with Second and Third Line of Defense reviews.
  4. Frequently works with senior IT and business leaders in re-evaluating IT risks from vendors.
  5. Oversees Security risk management, including the identification, analysis, and measurement of risks; the monitoring and reporting on security risks, and the disposition of said risks. Acts as the primary contact for the Enterprise Risk Management team on IT Security-related risk issues.
  6. Oversees Security Compliance and the associated IT Controls areas and partners with the Corporate Compliance organization on regulatory issues for IT. Leading a team that is responsible for coordinating third party risk and assessment on suppliers and partners.
  7. Continue program related to risk reduction and maturity following NIST-CSF, HITRUST, SOC2, HIPAA and other related frameworks and regulations.
  8. Directs and oversees the development and implementation of IT Risk standards, procedures and guidelines to prevent the unauthorized use, release, modification, or destruction of data across multiple platforms and environments. Aligned with risk above, will measure compliance with policies and standards across IT for technical standards and the enterprise for non-technical ones.
  9. Works closely with other leaders across Information Security to ensure a common approach to threat and intelligence analysis, risk management methodologies, compliance reporting, and crisis management. Owns IT policies, awareness, and training.
  10. Oversees development, review and update of Corporate Security policies and associated standards.
  11. Oversees the education and awareness team. Provides Information Security continuous education and training of our employees, contractors, and third party vendors about InfoSec risk and maturity. In addition, this individual and their team will expand our information security training strategy and program, oversee its implementation, and assess its outcomes.

May perform additional duties as assigned.
Reporting Relationship
Typically VP or above
Skills, Knowledge & Abilities
  1. In depth experience with all aspects of information security, risk management, and business continuity management.
  2. Senior level knowledge of regulations (i.e., SOX, HIPAA, privacy, etc.) as it pertains to IT risk and controls.
  3. Excellent ability to influence change in enterprise understanding and adoption of information security concepts.
  4. Excellent analytical and problem solving skills.
  5. Excellent communications and interpersonal skills and the ability to work effectively with peers and cross functional senior executives.
  6. Strong understanding of crisis management skills.
  7. Strong ability to manage complex projects to completion.
  8. Proven ability to lead and motivate others in accomplishing goals.
  9. Preferred insurance industry knowledge.

Education & Experience
  1. Bachelor's Degree required or equivalent work experience. Master's Degree in Computer Science or technical field preferred.
  2. Minimum of ten years of information security, and IT risk and compliance experience with five years' management experience. Deep insurance industry experience preferred.
  3. CISSP or CISA\CISM and IT Risk and Compliance certifications preferred.
Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • .NETLanguages
    • JavaLanguages
    • JavascriptLanguages
    • KotlinLanguages
    • PerlLanguages
    • PythonLanguages
    • RLanguages
    • SqlLanguages
    • jQueryLibraries
    • jQuery UILibraries
    • ReactLibraries
    • AngularJSFrameworks
    • Node.jsFrameworks
    • SpringFrameworks
    • AccessDatabases
    • DB2Databases
    • Microsoft SQL ServerDatabases
    • MySQLDatabases
    • OracleDatabases
    • PostgreSQLDatabases
    • Google AnalyticsAnalytics
    • ConfluenceManagement
    • JIRAManagement
    • Microsoft ProjectManagement
    • SalesforceCRM
    • SendGridEmail
    • MarketoLead Gen

What are CNA Perks + Benefits

CNA Benefits Overview

One of the many advantages of working at CNA is the benefits program we offer you and your eligible dependents,
beginning on the first day of your employment. The program features a variety of plans that provide health care
benefits, well-being, disability and survivor protection, and 401(k) savings, among others. Below are highlights
of the offerings.

Culture
Volunteer in local community
Partners with Nonprofits
Friends outside of work
Open door policy
Team owned deliverables
Group brainstorming sessions
Open office floor plan
Diversity
Dedicated Diversity/Inclusion Staff
Someone's primary function is managing the company’s diversity and inclusion initiatives
Diversity Employee Resource Groups
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Wellness Programs
Onsite Gym
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Company Equity
Employee Stock Purchase Plan
Performance Bonus
Match charitable contributions
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Adoption Assistance
Vacation & Time Off Benefits
Generous PTO
Paid Holidays
Paid Sick Days
Perks & Discounts
Relocation Assistance
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Diversity Program
Lunch and learns
Online course subscriptions available
More Jobs at CNA180 open jobs
All Jobs
Finance
Data + Analytics
Dev + Engineer
HR + Recruiting
Internships
Legal
Marketing
Operations
Product
Project Mgmt
Sales
Content
Finance
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Developer
new
Chicago, IL
Finance
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Sales
new
Philadelphia, PA
HR + Recruiting
new
Chicago, IL
Developer
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Content
new
Chicago, IL
Operations
new
Lake Mary
Operations
new
Lisle
Operations
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Operations
new
Lake Mary
Operations
new
Lisle
Operations
new
Sioux Falls
Operations
new
Wyomissing
Operations
new
Lake Mary
Data + Analytics
new
Chicago, IL
Operations
new
Dallas-Fort Worth, TX
Product
new
Chicago, IL
Sales
new
Lake Mary
Data + Analytics
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Operations
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Operations
new
Chicago, IL
Finance
new
Chicago, IL
Finance
new
Chicago, IL
Finance
new
Chicago, IL
Operations
new
Lisle
Finance
new
Chicago, IL
Project Mgmt
new
Chicago, IL
Developer
new
Chicago, IL
Operations
new
Chicago, IL
Operations
new
Chicago, IL
Operations
new
Sioux Falls
Data + Analytics
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Sales
new
Melville
Sales
new
Philadelphia, PA
Sales
new
Chicago, IL
Operations
new
Chicago, IL
HR + Recruiting
new
Chicago, IL
Developer
new
Wyomissing
Data + Analytics
new
Chicago, IL
Content
new
Dallas-Fort Worth, TX
Operations
new
Chicago, IL
Developer
new
Chicago, IL
Operations
new
Chicago, IL
Finance
new
Chicago, IL
Sales
new
Minneapolis–Saint Paul, MN
Finance
new
Dallas-Fort Worth, TX
Marketing
new
Chicago, IL
Operations
new
Wyomissing
Finance
new
Kansas City, MO
Operations
new
Phoenix – Mesa – Scottsdale, AZ
Data + Analytics
new
Detroit, MI
Operations
new
Minneapolis–Saint Paul, MN
HR + Recruiting
new
Chicago, IL
HR + Recruiting
new
Chicago, IL
Finance
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Operations
new
Chicago, IL
Operations
new
Chicago, IL
Operations
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Developer
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Finance
new
Houston, TX
Finance
new
Dallas-Fort Worth, TX
Finance
new
Minneapolis–Saint Paul, MN
Project Mgmt
new
Chicago, IL
Developer
new
Chicago, IL
Finance
new
Chicago, IL
Operations
new
Miami, FL
Data + Analytics
new
Chicago, IL
Internships
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Finance
new
Lake Mary
HR + Recruiting
new
Chicago, IL
Data + Analytics
new
Chicago, IL
Finance
new
Philadelphia, PA
Finance
new
Dallas-Fort Worth, TX
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView CNA's full profileSee more CNA jobs