Data Security Analyst

Location/

Schedule:

Tampa, FL/Hybrid, 2 days in-office

Classification: Full-Time/Exempt

Old Republic is a leading specialty insurer that operates diverse property & casualty and title insurance companies. Founded in 1923 and a member of the Fortune 500, we are a leader in underwriting and risk management services for business partners across the United States and Canada. Our specialized operating companies are experts in their fields, enabling us to provide tailored solutions that set us apart.

The Data Security Analyst plays a critical role in safeguarding the organization’s information assets and partners with the Security Governance, Risk, and Compliance (GRC) team and business and technology stakeholders across the enterprise. The analyst helps implement data protection strategies, monitor security controls, assess risks, support compliance initiatives, and ensure alignment with internal policies and regulatory requirements. This role requires a detail‑oriented security professional who can work independently, provide technical and analytical expertise, and drive measurable improvements in the organization’s data security posture.

• Support the development, implementation, and continuous improvement of data security policies, standards, and procedures.
• Monitor and protect sensitive data across systems, applications, and environments.
• Conduct and/or assist with data‑focused risk assessments, control evaluations, and compliance reviews.
• Support data classification, data loss prevention (DLP) activities, and ongoing data protection initiatives.
• Analyze security events, identify potential data risks, and elevate findings as needed.
• Coordinate with cross‑functional teams to ensure consistent execution of data security and compliance requirements.
• Prepare reports, dashboards, and metrics that communicate data security trends and overall program effectiveness.
• Contribute to training, awareness efforts, and data security best‑practice guidance for business and technical teams

• 1-3 years of experience in data security, cybersecurity, or GRC within a complex organization.
• Strong understanding of data protection regulations and frameworks (e.g., SOX, HIPAA, PCI DSS).
• Familiarity with DLP tools, encryption technologies, and data discovery tools.
• Strong analytical and problem‑solving skills with the ability to evaluate complex data‑related risks.
• Excellent critical thinking skills and the ability to recommend effective data security solutions.
• Ability to work independently and collaboratively with both business and technical teams.
• Strong written and verbal communication skills, including experience preparing documentation or reports for leadership.
• Professional certifications (CISSP or equivalent) are preferred.

ORI is an Equal Opportunity Employer. ORI provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.