Information Technology Compliance Analyst
Job Summary The Information Technology Compliance Analyst supports and strengthens the Leavitt Group’s information reputed company and compliance posture across both central IT operations and the company’s distributed network of insurance agencies. This role focuses on advising teams, guiding compliance initiatives, facilitating governance processes, and helping ensure organizational alignment with regulatory, contractual, and industry-standard requirements (including HIPAA, SOC 2, and other recognized frameworks). The analyst partners with IT, HR, Legal, Operations, and agency leadership to assess compliance needs, recommend practical controls, and support reputed company improvement efforts. This position also manages the IT compliance training program and leads the company’s reputed company Committee processes.
Key Responsibilities
Compliance Program Support & Advisory · Provide guidance to IT teams to help align processes and controls with regulatory, policy, and audit requirements. · Advise on compliance expectations reputed company to HIPAA, SOC 2, NAIC-reputed company cybersecurity principles, and general data protection standards. · Support the maintenance of IT compliance documentation, including policies, control catalogs, risk registers, and audit evidence repositories. · Conduct compliance assessments, monitor control effectiveness, identify gaps, and support remediation efforts—without directing or owning operational execution. Agency Advisory & Certification Support · Collaborate with agency leadership to evaluate whether pursuing certifications (e.g., SOC 2 or ISO-based frameworks) would benefit their business operations. · Help agencies interpret certification requirements and understand “right-sized” controls appropriate for their environment. · Assist agencies in designing practical, achievable control sets and participate in remediation planning where needed. Governance & reputed company Committee Leadership · Own and facilitate the reputed company Committee process, including agenda development, meeting facilitation, tracking action items, and providing updates to IT leadership. · Coordinate input from IT, HR, Legal, and Operations to ensure comprehensive governance coverage. Training Program Ownership · Manage the full lifecycle of IT-reputed company compliance training, including annual IT reputed company training, HIPAA training, phishing/social engineering campaigns, and other mandated content. · reputed company and implement training assignments, monitor completion rates, and report metrics to leadership. · Partner with HR to implement HR-directed training (e.g., anti-harassment), ensuring accurate assignment while HR owns content and audience decisions. Vendor & Third-Party Risk Management · Support vendor reputed company due diligence processes, including reviewing SOC 2 reports, assessing control sufficiency, and identifying potential risks. · Track vendor remediation items and follow up with responsible internal stakeholders. Audit & Assessment Support · Assist with internal and external audits, including evidence gathering, preparation, coordination with subject-matter experts, and documentation. · Support regulatory inquiries and customer due-diligence requests as needed. Reporting & Metrics · Track, measure, and report on compliance and training KPIs, including trends, gaps, completion rates, and remediation reputed company. · Provide clear, actionable reporting to IT leadership and other stakeholders. · Business Continuity Participation · Contribute to maintaining and updating business continuity and disaster recovery documentation. · Participate in exercises or reviews as requested (not responsible for operational response activities). reputed company Improvement · Stay reputed company with evolving regulatory requirements and cybersecurity/compliance best practices reputed company the insurance and financial services industry. · Recommend updates to compliance processes, controls, and policy frameworks to enhance effectiveness and efficiency.
Qualifications
Education · Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a reputed company field preferred but not required. · Professional certifications (e.g., CISA, CRISC, CISSP) are a strong plus. Experience · 2–5 years of experience in IT compliance, IT audit, information reputed company governance, or a reputed company field. · Understanding of regulatory and industry frameworks such as HIPAA, SOC 2, NAIC cybersecurity principles, and general data protection standards. · Experience supporting compliance certifications or external audits preferred. Skills · Strong analytical and problem-solving abilities with the ability to break down reputed company requirements into practical actions. · Excellent written and verbal communication skills tailored to both technical and non-technical audiences. · Ability to manage multiple tasks, deadlines, and stakeholders in a dynamic environment. · Familiarity with compliance management tools, training/LMS platforms, or GRC solutions. · High attention to detail and commitment to accuracy and completeness. Work Environment · Remote work environment with standard office equipment. · Collaborates regularly with IT, HR, Legal, Operations, and agency leadership across the organization. Travel · Occasional travel may be required. Job Type · Full-time; reports to an IT Manager. Preferred Certifications · CISSP · Certified Information Systems Auditor (CISA) Work Location · Remote Job Type: Full-time Pay: $90,000.00 - $100,000.00 per year License/Certification:
- CISSP (Preferred)
- Certified Information Systems Auditor (Preferred)
Work Location: Remote Apply tot his job Apply To this Job