At HUB International, we are a team of entrepreneurs. We believe in empowering our clients, and we do so by protecting businesses and individuals in our local communities. We help businesses evaluate their risks and develop solutions tailored to their needs. We believe in empowering our employees. As a global firm, we offer employees resources in both technology and industry expertise, but we still maintain the local flavor of our offices. Our structure enables our teams to maintain their own unique, regional culture while leveraging support and resources from our corporate centers of excellence.
HUB is the 5th largest global insurance and employee benefits broker, providing a boundaryless array of property, casualty, risk management, life and health, employee benefits, investment and wealth management products and services. With over 17,000 employees in more than 550 offices throughout North America, HUB has grown substantially, in part due to our industry leading success in mergers and acquisitions.

QUALIFICATIONS

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and/or ability required. A self-starter who can deliver results while working independently.

EDUCATION LEVEL AND EXPERIENCE REQUIRED

Minimum BA/BS or equivalent work experience in governance and/or compliance, security assurance, management of information systems or a related field preferred. Process expertise in GRC areas is necessary (e.g., risk management, compliance and regulation, controls automation, continuous controls monitoring and training administration).

REQUIRED KNOWLEDGE AND CAPABILITIES

• Intellectual curiosity and analytical skills in areas of high complexity; sound judgment in resolving matters of high complexity.
• Strong written communication skills and ability to proactively problem solve with regional leadership.
• Understanding of IT environments, risk, and assessment and auditing methodologies.
• Strong working knowledge of some or all of ISO27001, SSAE16/18, information security standards, GDPR, ITIL, cyber essentials.
• Ability to manage projects across multiple teams or groups (strong planning, organization, and project management skills).
• Ability to prioritize assigned work and complete activities in a timely manner.
• Ability to work independently/remote and in a team environment.
• Ability to constantly adapt to a dynamic and complex work environment.
• Above average proficiency with the Microsoft Office Suite including Teams, SharePoint, and Visio, as well as an ability and willingness to learn additional platforms as needed.
• Willingness to travel up to approximately 5-10% of working time.
  Although hybrid to Chicago is preferred, this position is open to remote US candidates.

• Provide general support to the GRC Controls Manager and GRC department as needed.
• Validate data contained within various software applications/services used by the GRC department.
• Maintain and improve the management of internal controls to meet SOC2 and ISO 27001 security requirements.
• Evaluate the design and test the operating effectiveness of key controls identified.
• Monitor, track and process run tasks and projects around Control Risk Assessments.
• Assist with the development and management of tools to support tracking departmental activities and reporting metrics, such as assigned assets and regulatory requests.
• Contribute to other risk management activities, which may include asset tracking and other special projects as needed.