Technology Risk and Compliance Analyst

Job not on LinkedIn

🕒 May 20

🐊 Florida – Remote

🐊 Florida – Remote

💵 $85k - $105k / year

⏰ Full Time

🟡 Mid-level

🟠 Senior

🚔 Compliance

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Brown & Brown Insurance

WebsiteLinkedInAll Job Openings

10,000+ employees

Founded 1939

💸 Finance

Finance • Insurance

Brown & Brown Insurance is one of the largest independent insurance brokerages globally, providing a comprehensive range of risk management solutions. Established in 1939, the company offers personal and business insurance, employee benefits, and various national programs. Brown & Brown is committed to diversity, inclusion, and belonging, fostering a culture that values talent and experience. With over 500 locations, the company is well-positioned to meet the diverse needs of its clientele and is listed on the New York Stock Exchange under the ticker BRO. The firm's strategic focus on mergers and acquisitions highlights its disciplined growth strategy.

📋 Description

• Identify, assess, and document technology risks across projects, products, and platforms within the Retail portfolio. • Facilitate the prioritization of technology risks based on business impact, regulatory exposure, and defined risk appetite. • Conduct risk assessments for new initiatives, including M&A integrations and platform implementations. • Partner with project managers and product teams to integrate risk mitigation into delivery plans and milestones. • Ensure risk mitigation strategies align to enterprise risk appetite and portfolio priorities. • Monitor risk exposure and ensure remediation activities are tracked through completion. • Ensure alignment with internal policies and external regulatory requirements (e.g., SOX, SOC controls, data privacy standards). • Support implementation and maintenance of IT governance, risk, and compliance (GRC) frameworks. • Evaluate and ensure technology policies, standards, and procedures are fit for purpose and aligned to regulatory and business requirements. • Maintain compliance documentation, control narratives, and evidence repositories. • Monitor and report adherence to policies, standards, and standard operating procedures across the portfolio. • Support internal and external audit activities, including evidence collection, walkthroughs, and remediation tracking. • Partner with internal and external Audit to support successful audit outcomes, including SOX compliance, evidence validation, and timely remediation of findings. • Assess effectiveness of IT controls and identify gaps across applications, infrastructure, and processes. • Partner with control owners to strengthen control design and execution. • Drive timely closure of audit findings and control deficiencies. • Partner with Vendor Management and enterprise third- and fourth-party risk teams to ensure technology-related vendor risks are identified and addressed. • Incorporate vendor-related risks into portfolio-level risk visibility and reporting. • Support tracking and remediation of vendor-related control gaps impacting Retail Technology delivery. • Prepare and deliver transparent, decision-ready reporting for governance forums, including Steering Committees and OCIO leadership. • Provide insights that enable leadership to evaluate risk exposure alongside investment, delivery progress, and business outcomes. • Highlight trade-offs, emerging risks, and areas requiring leadership attention or decision. • Track key risk indicators (KRIs), control effectiveness, and remediation progress. • Identify opportunities to streamline and improve GRC processes, tooling, and operating model effectiveness. • Contribute to the evolution of OCIO governance, risk, and control frameworks.

🎯 Requirements

• Bachelor’s degree in Information Technology, Cybersecurity, Business, or related field. • 3–7 years of experience in IT risk, compliance, audit, or cybersecurity. • Strong working knowledge of GRC frameworks (e.g., NIST, ISO 27001, COBIT). • Knowledge of regulatory standards (SOX, SOC, GDPR, or similar). • Experience with risk assessment, control design, and audit support. • Ability to translate technical risk into business impact and executive-level messaging. • Strong collaboration and stakeholder management across technology and business teams. • High attention to detail with disciplined documentation practices. • Able to travel up to 30%.

🏖️ Benefits

• Health Benefits : Medical/Rx, Dental, Vision, Life Insurance, Disability Insurance • Financial Benefits : ESPP; 401k; Student Loan Assistance; Tuition Reimbursement • Mental Health & Wellness : Free Mental Health & Enhanced Advocacy Services • Beyond Benefits : Paid Time Off, Holidays, Preferred Partner Discounts and more.