This job has expired, please see additional jobs below
Consulting Director
CNA Financial Corporation
Chicago, IL, United States
Description
Job Summary
The Consulting Director, IT Compliance Management is an individual contributor responsible for driving compliance with CNA IT policies and standards. This role will provide guidance to other departments when dealing with local conditions, including prevailing laws, regulations, and other compliance requirements. This role ensures appropriate response to regulator requests for information regarding IT controls. This position will also proactively implement the Information Security program requirements, policies, standards, and procedures to drive compliance in order to manage risk to the enterprise effectively. This role is responsible for designing, developing, implementing, monitoring, reporting, and recommending improvements to programs to drive compliance with established policies and procedures which mitigate IT risks. As part of this work, this position will define and track technologies, policies, procedures, and processes that address CNA’s IT risk and security needs and be accountable for coordinating IT’s response to internal and external audits. This position also collaborates cross-functionally on a wide variety of compliance, process improvement, and analytical initiatives.
Essential Duties & Responsibilities
Performs a combination of duties in accordance with departmental guidelines:
Responsible for developing information security policies and effectively applying proper frameworks to ensure IT compliance requirements are thoroughly and consistently met.
Ensure the enterprise meets applicable IT and information security laws, regulations, standards, and policies to satisfy regulatory requirements and achieve information security program goals by researching and staying abreast of statutes and trends as they evolve.
Develop and maintain guidance documents, policies, and procedures that direct IT and other departments to comply with IT controls.
Provide oversight and collaboration with related governance functions (e.g., Risk Management, IT, HR, Legal, etc.) in policy development, management, and the enforcement of established policies, procedures, and governance of IT Compliance programs.
Develop processes, lead improvement initiatives, and perform audits and assessments related to best practices in ensuring IT compliance.
Coordinate response to the customer’s assessments and reviews of CNA’s security controls.
Create innovative recommendations for improving efficiency and effectiveness of IT controls and drive compliance automation.
Design and execute monthly and quarterly IT compliance reports as required.
Work to support operational change control process and provide oversight and compliance approvals of project deliverables, IT change requests, and IT issue reports.
Collaborate with other stakeholders to conduct IT vendor/supplier audits and provide oversight for managed services vendor staff working on IT Compliance and operational activities.
May perform additional duties as assigned.
Reporting Relationship
Typically reports to AVP or above.
Skills, Knowledge & Abilities
Preferred experience with the insurance industry, its products, and services.
Strong knowledge of governance frameworks and experience with auditing and audit techniques.
Expert knowledge of security policy construction and publication, along with broad knowledge of information security principles, risk management methodologies / frameworks, and industry standards.
Strong experience with internal controls and common information technology related frameworks such as ITIL, NIST, COSO, COBIT, ISO, etc.
Strong skills in influencing others to adhere to security policies.
Strong ability to manage projects, plan, organize, and coordinate work assignments, along with excellent written and verbal communication skills, with the ability to translate technical concepts and interface effectively with senior management and outside counsel.
Strong experience with business processes, control environment, process documentation, and controls mapping.
Ability to work well under pressure and possess strong problem-solving skills.
Strong ability to interact with senior leadership across IT and business functions and influence decisions through advice and counsel.
Strong knowledge of regulations (SOX, Privacy, HIPAA, etc.) as they apply to CNA IT.
Education & Experience
• Bachelor’s Degree required or equivalent work experience. Master’s Degree in Computer Science or technical field preferred.
• Typically a minimum of ten years of related work experience such as IT Compliance, Audit, or Quality experience. Deep insurance industry experience preferred.
• Strong knowledge of control frameworks and regulations in the financial services or insurance industry.
• IT Risk and Compliance, Audit, or Quality certifications preferred (e.g., CISSP, CISM, CISA, CIA, CRISC, CGEIT, CIAC, ISO, etc.).