Job description
Division or Field Office:
Office Of The President
Work from:
$59,487.00 - $95,025.00 *
salary range is for this level and may vary based on actual level of role hired for
*This range represents a national range and the actual salary will depend on several factors including the scope and complexity of the role and the skills, education, training, credentials, location, and experience of an applicant, as well as level of role for which the successful candidate is hired.
At Erie Insurance, you’re not just part of a Fortune 500 company; you’re also a valued member of a diverse and inclusive team that includes more than 5,000 employees and over 2,200 independent agencies. Our Employees work in the Home Office complex located in Erie, PA, and in our Field Offices that span 12 states and the District of Columbia.
Benefits That Go Beyond The Basics
We strive to be Above all in Service® to our customers—and to our employees. That’s why Erie Insurance offers you an exceptional benefits package, including:
- Premier health, prescription, dental, and vision benefits for you and your dependents. Coverage begins your first day of work.
- Low contributions to medical and prescription premiums. We currently pay up to 97% of employees’ monthly premium costs.
- Pension. We are one of only 13 Fortune 500 companies to offer a traditional pension plan. Full-time employees are vested after five years of service.
- 401(k) with up to 4% contribution match. The 401(k) is offered in addition to the pension.
- Paid time off. Paid vacation, personal days, sick days, bereavement days and parental leave.
- Career development. Including a tuition reimbursement program for higher education and industry designations.
Additional benefits that include company-paid basic life insurance; short-and long-term disability insurance; orthodontic coverage for children and adults; adoption assistance; fertility and infertility coverage; well-being programs; paid volunteer hours for service to your community; and dollar-for-dollar matching of your charitable gifts each year.
Position Summary
Under minimal supervision, conducts risk assessments to evaluate the security and integrity of vendors that have access to ERIE data to confirm they are properly vetted from an information security, business continuity and recovery, risk management and governance, software/infrastructure development and support and privacy perspective, and associated controls are in place or mediated prior to establishing or continuing operations with the vendor.
- This position is being reposted. If you have applied you do not need to reapply, your application is under consideration.
- The successful candidate can work from the Home Office (a hybrid schedule will be considered) or remote within ERIE’s footprint.
- The Hiring Manager will also consider candidates for a Third Party Risk Management Analyst I or Senior Third Party Risk Management Analyst. The level of position offered will be based upon the depth and breadth of selected candidate’s experience and qualifications.
- The Successful candidate is preferred to have experience and working knowledge in Third Party Risk and Cyber Security.
Duties and Responsibilities
Analyzes responses to third party assessment questionnaires and reviews supporting documentation (SOC reports, etc.) received from vendors to identify and evaluate the risks in establishing or continuing operations with them.
Interviews key vendor personnel, as necessary, to gain additional insight and/or clarify response to completed questionnaires.
Composes assessment reports containing findings and recommendations and presents to the business and the third party, where appropriate.
Works with other subject matter experts from the Law, Privacy, Information Security, Enterprise Risk Management, Sourcing and Vendor Management, Business Continuity and Disaster Recovery Departments and business areas to apply risk assessment criteria in line with corporate policies.
Works directly with vendors to assist them in effectively managing operational risks related to the identification of potential areas of concern with business processes, applications and systems.
Assigns an overall risk rating with refined qualifications based on potential risk in business processes, applications and systems.
Works with internal business owners to assist them and, if necessary, build a plan for effectively managing third party operational risks related to business processes, applications and systems.
Works with interdisciplinary teams across ERIE to ensure identified risks that require mitigation have a plan developed and are executed for resolution.
With assistance from the business, conducts onsite assessments for evidence around a vendor's capabilities, governance and controls.
Promotes and delivers continuous training and awareness to business partners on vendor risks and enhance ERIE's internal service model that informs business owners of key risks in a timely manner.
Works with the Law Division and the Sourcing and Vendor Management Department to provide input for contract design related to key provisions for vendor risk management.
Grows professionally by focusing on continuous improvements and staying abreast of industry, regulatory, compliance and cybersecurity issues and best practices.
Provides guidance to Sourcing and Vendor Management on best practices and continuous improvement for processes, assessments and other operational activities.
Duties and Responsibilities (cont'd if applicable)
The first three duties listed are the functions identified as essential to the job. Essential functions are those job duties that must be performed in order for the job to be accomplished.
This position description in no way states or implies that these are the only duties to be performed by the incumbent. Employees are required to follow any other job-related instruction and to perform any other duties as requested by their supervisor, or as become evident.
Competencies
Qualifications
Bachelor's degree in Business or Risk Management or Information Technology or equivalent experience required. Two years' related work experience in risk management and/or internal controls required.
Associates degree in Business or Risk Management or Information Technology and four years experience in risk management and/or internal controls; or
High school diploma or GED and six years experience in risk management and/or internal controls required.
Working experience of Information Security and information security frameworks (NIST BITS, etc.), insurance or financial services industries, auditing and/or IT auditing (SOC). This position requires periodic travel. CISA, CISM, CRISC, CISSP, CTPRP or related certifications preferred, but not required.
Physical Requirements
Nearest Major Market: Erie
abouteureka.com is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, abouteureka.com provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, abouteureka.com is the ideal place to find your next job.