Lead GRC Analyst

Job in Clifton, Passaic County, New Jersey, 07015, USA
Listing for: Kalepa Insurance Services, LLC
Full Time position
Listed on 2026-06-08
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly
Job Description & How to Apply Below
## Lead GRC Analyst

* Remote type: Hybrid
* Locations: NJ-Warren
* Time type: Full time
* Posted on: Posted Today
* Job requisition: JR-000881

MSIG USA continues to grow!

**Company Overview:**

MSIG USA is the US-based subsidiary of MS&AD Insurance Group Holdings, Inc., one of the world’s top P&C carriers and a global Class 15 insurer, with A+ ratings and a reach that spans 40+ countries and regions. Leveraging our 350-year heritage, MSIG USA brings the financial strength, expertise, and global footprint to offer commercial insurance solutions that address your business’s unique risks.

**Role Overview**

MSIG is seeking a **Lead, Governance, Risk & Compliance (GRC)** to help run and mature core security governance, risk management, and compliance activities. This role is ideal for an experienced **GRC analyst, IT risk professional, or IT auditor** who is ready to take on broader ownership, mentor others, and grow into a people or program leadership position.

The Manager will be **hands-on and execution-focused**, supporting regulatory compliance, audits, IT risk management, and policy governance. While the role will contribute to leadership reporting, **primary Board and executive-facing responsibilities are limited** and supported by senior security leadership.

**Key Responsibilities**

**1. Governance & Compliance Execution**

* Maintain and operate MSIG’s security governance and compliance program
* Support compliance with key regulations and frameworks (e.g., NYDFS 23 NYCRR 500, HIPAA, GDPR, NIST CSF, ISO 27001)
* Track compliance obligations, evidence, and deadlines using defined processes and tools
* Assist with monitoring regulatory changes and assessing their operational impact

**2. IT Risk Management**

* Conduct and support IT and security risk assessments across infrastructure, applications, and cloud environments
* Maintain the IT risk register, including risk documentation, remediation tracking, and status updates
* Partner with technical teams to document controls and support risk remediation efforts

**3. Audit & Regulatory Support**

* Coordinate internal and external audit activities, including evidence collection and response tracking
* Support interactions with auditors and regulators, with senior leadership leading formal communications
* Track audit findings and assist with remediation planning and follow-up

**4. Policy & Standards Management**

* Support the development, review, and maintenance of security and IT policies and standards
* Manage policy review cycles and ensure documentation remains current and accessible
* Help promote awareness and adoption of security policies across the organization

**5. Third-Party Risk Management (TPRM)**

* Perform vendor and third-party security risk assessments
* Maintain vendor risk documentation, findings, and remediation tracking
* Partner with Procurement and Legal to support security due diligence activities

**6. Reporting & Program Support**

* Prepare GRC metrics, dashboards, and summary reports for security leadership
* Contribute to leadership and management-level reporting on risk and compliance posture
* Support continuous improvement initiatives across the GRC program

**Qualifications**

**Required**

* 5–8+ years of experience in GRC, IT risk management, IT audit, or information security
* Hands-on experience with regulatory compliance, audits, or risk assessments
* Working knowledge of NYDFS Cybersecurity Regulation (23 NYCRR 500) and at least one major framework (NIST CSF, ISO 27001, etc.)
* Experience maintaining risk registers, audit evidence, or compliance documentation
* Strong written communication skills with the ability to document risks, controls, and findings clearly

**Preferred**

* Experience in insurance or financial services
* Familiarity with GRC tools (e.g., ServiceNow GRC, Archer, OneTrust, or similar)
* Exposure to cloud environments (Azure and/or AWS)
* Relevant certifications such as CISA, CRISC, CISM, or CISSP (or actively pursuing)

It's an exciting time for our company and a great opportunity to join a financially sound and growing global insurance group!

It is the policy of MSIG USA to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law.

In addition, MSIG USA will provide reasonable accommodations for qualified individuals with disabilities.