Vertafore is a leading technology company whose innovative software solutions are advancing the insurance industry. Our suite of products provides solutions to our customers that help them better manage their business, boost their productivity and efficiencies, and lower costs while strengthening relationships.
Our mission is to move InsurTech forward by putting people at the heart of the industry. We are leading the way with product innovation, technology partnerships, and focusing on customer success.
Our fast-paced and collaborative environment inspires us to create, think, and challenge each other in ways that make our solutions and our teams better.
We are headquartered in Denver, Colorado, with offices across the U.S., Canada, and India.
Vertafore is looking for a Compliance and Audit Manager to join our SaaS Operations organization. The role will primarily focus on ensuring the operations and product development teams adhere to SOC, SOX, ISO and other regulatory and security compliance requirements. The person will also be responsible for driving initiatives to meet continuous compliance requirements, NIST and CIS framework adoption, IRM (Information Risk Management) defined SLAs for vulnerability management and other deliverables.
Core Requirements and Responsibilities:
Essential job functions include, but are not limited to, the following:
- Collaborate with IRM and the senior management team to design and execute departmental controls, policies and procedures, and to monitor and report continuous compliance status and any gaps or deviations.
- Work with responsible parties to document and regularly update policy and procedure documents such as Access Management, Disaster Recovery, Patch Management, Data Backups, Operating System images and more, to ensure the documents are current and meet enterprise and regulatory requirements.
- Collaborate with the ServiceDesk's access management team, operations leaders, product development management, IRM and Audit teams to ensure that the operations and development teams are following and meeting SOC, SOX, ISO and other compliance requirements and IRM-defined SLAs.
- Conduct monthly, quarterly, and annual departmental audits and distribute the reports to leadership. Analyze the data for policy/procedure/operational efficiencies and represent the department in formal audits initiated by IRM, customers or regulatory third-party auditors.
- Educate teams and leaders on internal controls, audits, compliance best practices, documentation needs and more.
Knowledge, Skills and Abilities:
- Well versed in technologies and continuous compliance requirements for SOC, SOX, ISO, CCPA, GDPR and others.
- Must have strong experience with enterprise compliance enforcement, defining and driving related programs and performing risk assessments.
- Comfortable interacting with executive leaders to present program updates, audit reports and findings.
- Good data analysis and graphical data representation skills required to prepare insightful reports.
- Microsoft skills including Word, Excel, PowerPoint and Windows are required.
- Bachelor's degree in Computer Science, Information Technology or other relevant fields.
- 8+ years of experience in continuous compliance enforcement and auditing in an information technology, banking, financial or insure-tech industry.
- Related certifications (CPA, ACA, CFA, CIA, CISA or similar) preferred.
Additional Requirements and Details:
- Travel required up to 10% of the time.
- Ability to work remotely with a stable internet connection on an as-needed basis.
- Located and working from an office location (when required).*
- Occasional lifting and/or moving up to 10 pounds.
- Frequent repetitive hand and arm movements required to operate a computer.
- Specific vision abilities required by this job include close vision (working on a computer, etc.).
- Frequent sitting and/or standing.
*Our offices are currently closed due to COVID-19 and are scheduled to re-open in mid-2021.