Audit & Compliance Manager
US-CO-Denver
Our fast-paced and collaborative environment inspires us to create, think, and challenge each other in ways that make our solutions and our teams better. Whether you’re interested in engineering or development, marketing or sales, or something else – if this sounds like you, then we’d love to hear from you!
We are headquartered in Denver, Colorado, with offices in the US, Canada, and India.
$100,000-$130,000 + VIP Bonus
Vertafore is a leading technology company whose innovative software solutions are advancing the insurance industry. Our suite of products provides solutions to our customers that help them better manage their business, boost their productivity and efficiencies, and lower costs while strengthening relationships.
Our mission is to move InsurTech forward by putting people at the heart of the industry. We are leading the way with product innovation, technology partnerships, and focusing on customer success.
JOB DESCRIPTION
Vertafore is looking for a Compliance and Audit Manager to join our SaaS Operations organization. The role will primarily focus on ensuring that the operations and product development teams adhere to SOC, SOX, ISO and other regulatory and security compliance requirements. The person will also be responsible for driving initiatives to meet continuous compliance requirements, NIST and CIS framework adoption, IRM (Information Risk Management) defined SLAs for vulnerability management, and other deliverables.
Core Requirements and Responsibilities:
Essential job functions include, but are not limited to, the following:
Collaborate with IRM and the senior management team to design and execute departmental controls, policies and procedures, and to monitor and report continuous compliance status, including any gaps or deviations.
Work with responsible parties to document and regularly update policy and procedure documents like Access Management, Disaster Recovery, Patch Management, Data Backups, Operating System images and more to ensure the documents are current and meet the enterprise and regulatory requirements.
Collaborate with the ServiceDesk’s access management team, operations leaders, product development management, IRM and Audit teams and ensure that operations and the development teams are following and meeting the SOC, SOX, ISO and other compliance requirements and IRM defined SLAs.
Conduct monthly, quarterly, and annual departmental audits and distribute the reports to leadership. Analyze the data for policy/procedure/operational efficiencies and represent the department in formal audits initiated by IRM, customers or regulatory third-party auditors.
Educate teams and leaders on internal controls, audits, compliance best practices, documentation needs and more.
Knowledge, Skills and Abilities:
Well versed in technologies and continuous compliance requirements for SOC, SOX, ISO, CCPA, GDPR and others.
Must have strong experience with enterprise compliance enforcement, defining and driving related programs and performing risk assessments.
Comfortable interacting with executive leaders to present program updates, audit reports and findings.
Good data analysis and graphical data representation skills required to prepare insightful reports.
Microsoft skills including Word, Excel, PowerPoint and Windows are required.
Qualifications:
Bachelor's degree in Computer Science, Information Technology or other relevant fields
8+ years of experience in continuous compliance enforcement and auditing in an information technology, banking, financial or insure-tech industry
Related certifications (CPA, ACA, CFA, CIA, CISA or similar) preferred
Additional Requirements and Details:
- Travel required up to 10% of the time.
- Ability to work remotely with a stable internet connection on an as-needed basis
- Located and working from an office location (when required)*
- Occasional lifting and/or moving up to 10 pounds.
- Frequent repetitive hand and arm movements required to operate a computer.
- Specific vision abilities required by this job include close vision (working on a computer, etc.).
- Frequent sitting and/or standing.
*Our offices are currently closed due to COVID-19 and are scheduled to re-open mid 2021.
Why Vertafore is the place for you: *Canada Only
- The opportunity to work in a space where modern technology meets a stable and vital industry
- Medical, vision & dental plans
- Life, AD&D
- Short Term and Long Term Disability
- Pension Plan & Employer Match
- Maternity, Paternity and Parental Leave
- Employee and Family Assistance Program (EFAP)
- Education Assistance
- Additional programs - Employee Referral and Internal Recognition
Why Vertafore is the place for you: *US Only
- The opportunity to work in a space where modern technology meets a stable and vital industry
- Vertafore is a Flexible First working environment which allows team members to work from home as often as you’d like, while using our offices as a place for collaboration, community, and teambuilding. There are times you may be asked to come into an office and/or travel for specific meetings for a specific business purpose and this varies by job responsibilities.
- Medical, vision & dental plans
- PPO & high-deductible options
- Health Savings Account & Flexible Spending Accounts Options:
  - Health Care FSA
  - Dental & Vision FSA
  - Dependent Care FSA
  - Commuter FSA
- Life, AD&D (Basic & Supplemental), and Disability
- 401(k) Retirement Savings Plan & Employer Match
- Supplemental Plans - Pet insurance, Hospital Indemnity, and Accident Insurance
- Parental Leave & Adoption Assistance
- Employee Assistance Program (EAP)
- Education & Legal Assistance
- Additional programs - Tuition Reimbursement, Employee Referral, Internal Recognition, and Wellness
- Commuter Benefits (Denver)
The selected candidate must be legally authorized to work in the United States.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all the job responsibilities, duties, skills, or working conditions. In addition, this document does not create an employment contract, implied or otherwise, other than an "at will" relationship.
Vertafore strongly supports equal employment opportunity for all applicants regardless of race, color, religion, sex, gender identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, sexual orientation, genetic information, or any other characteristic protected by state or federal law.
The Professional Services (PS) and Customer Success (CX) bonus plans are a quarterly monetary bonus plan based upon individual and practice performance against specific business metrics. Eligibility is determined by several factors including: start date, good standing in the company, and active status at time of payout.
The Vertafore Incentive Plan (VIP) is an annual monetary bonus for eligible employees based on both individual and company performance. Eligibility is determined by several factors including: start date, good standing in the company, and active status at time of payout.
Commission plans are tailored to each sales role but common components include quota, MBOs and ABPMs. Salespeople receive their formal compensation plan within 30 days of hire.
Vertafore is a drug free workplace and conducts preemployment drug and background screenings.
We do not accept resumes from agencies, headhunters or other suppliers who have not signed a formal agreement with us.
We want to make sure our recruiting process is accessible for everyone. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact recruiting@vertafore.com.
Just a note, this contact information is for accommodation requests only.