Information Security Governance Specialist

Did you know that about 10% of all insurance payouts are flowing directly into the pockets of fraudsters? The future of insurance starts with Decisions Made Better.

Shift Technology harnesses the power of AI to enable the world’s leading insurance organizations to make better decisions.  Our products automate and optimize decisions from underwriting to claims, resulting in increased operational efficiency, reduced costs, and superior customer experiences for millions of people around the globe.

Our culture is built on innovation, trust, and a drive to transform the insurance industry by imagining and innovating solutions that impact insurers and their customers - like you! We come from more than 40 different countries and cultures and together we are creating the future of insurance.

The security team is a critical component of Shift Technology as no organization is immune to cyber-crime. The team is responsible for protecting information throughout the security infrastructure, edge devices, networks, and data. We strive to stay up to date with the latest tactics hackers are employing in the field in order to prevent data breaches by monitoring and reacting to attacks but the first step is finding the most qualified professionals to lead the way. 

What you'll do...

As an experienced Information Security Governance specialist within SHIFT, you will contribute to the development, implementation and maintenance of the key information security policies, regulations and processes across the organisation. As part of the information security department, this role reports to the CISO. More specifically, you will be responsible for:

• Developing and assisting in the development and maintenance of IS policies, standards, and procedures.
• Maintaining and reporting out IS metrics
• Supporting security awareness training and activities throughout the organisation.
• Assisting in developing enterprise and functional team specific presentations to promote a security mindset.
• Support developing remediation plans for issues and risks, coordinate activities with owners, and track remediation to completion.
• Analysing third-parties for adherence to SHIFT policies and standards.
• Evaluating risks related to policy and standard exceptions.
• Helping respond to customer or other third-party inquiries related to SHIFT’s IS program.
• Coordinating audits and information gathering including preparing for SOC 2 examinations, third-party assessments, etc. while ensuring timely response.
• Performing control assessments against SHIFT’s control framework.
• Identifying opportunities for automation and process efficiencies and assist in implementation of GRC toolsets.
• Collaborating with other SHIFT’s  teams to ensure SHIFT is complying with policies, standards, and regulatory requirements.
• Support the CISO and the department in regular activities and security operations oversight.
• Working with the GRC Team to ensure the company stays abreast of new regulatory, legal, compliance, and security requirements.
• Performing other duties as required.

What you bring...

• At least four (4) years of proven experience in the IS GRC field or combination of experience in related disciplines.
• Bachelor’s Degree, ideally in Computer Engineering, Computer Science, or Information Systems Management or equivalent work experience in the field of IS.
• Possess current or working towards relevant certifications (e.g., CISA, CISM, CRISC, etc.).
• Knowledge of compliance requirements such as HIPAA, HDS, GDPR, FedRAMP etc.
• Knowledge of IS frameworks such as SOC 2, NIST, ISO, etc.
• Problem analysis and resolution at both a strategic and functional level.
• The ability to organise and manage multiple priorities.
• Strong documentation skills.
• Excellent interpersonal and communication skills.
• Ability to translate technical requirements to business objectives.

Recruitment Process

• HR Screening
• Security team interview
• CTO interview

#LI-BA1    #LI-HYBRID

To support our employees at every stage of their careers and lives, we are always assessing the benefits we offer to ensure we are competitive. Here are some we’d like to highlight:

• Flexible remote and hybrid working options
• Competitive Salary and a variable component tied to personal and company performance
• Company equity
• Generous PTO and paid holidays
• Parental leave opportunities
• Extensive mental health benefits provided via our global Employee Assistance Program
• Paid volunteering time - 16 hours annually

We offer many benefits in various countries - ask your recruiter for more information.

At Shift we strive to be a diverse and inclusive workforce. We hire and trust people without regard to race, color, religion, marital status, age, national or ethnic origin, physical or mental disability, medical condition, pregnancy, genetic information, gender identity or expression, sexual orientation, or other non-merit criteria.

Shift Technology is committed to providing reasonable accommodations for qualified individuals with disabilities in our application and employment process. Should you require accommodation, please email accommodation@shift-technology.com and we will work with you to meet your accessibility needs.

Shift Technology does not accept unsolicited CVs from recruiters or employment agencies in response to the Shift Technology Careers page or a Shift Technology social media post. Any unsolicited CVs, including those submitted directly to hiring managers, are deemed to be the property of Shift Technology.