Continental General
Overview
SENIOR GRC ANALYST
(Full Time, Salary, Exempt) Looking to join a growing company dedicated to helping others? We offer that, plus competitive salaries, a culture of learning, and a fast-paced environment. Join our team to help make a difference in the lives of others! About Continental General
The Continental General family of companies has provided insurance, including life and long-term care policies, to individuals and groups for over 30 years, and currently supports over 100,000 policyholders. Both our insurance company, Continental General Insurance Company, and our third-party administrator, Continental General Services, are committed to the continuous development of our infrastructure, processes, and people. The group is actively growing through expansion of both its insurance portfolio and its administrative services. With each opportunity, we take a collaborative approach to address challenges and provide unique solutions. Position Overview
The Senior GRC Analyst will serve as the dedicated Governance, Risk, and Compliance (GRC) analyst for a growing security team. Own and mature the organizations GRC processesfrom risk registers and audit support to control testing and policy development. This role is foundational in aligning security initiatives to SOC 2, HIPAA, and NIST requirements. You will work closely with the Security Manager to operationalize compliance workflows, improve scalability, and eventually build and lead a formal GRC function. Responsibilities
Governance & Policy Development: Draft, maintain, and evolve information security policies, standards, and procedures aligned with regulatory frameworks. Collaborate with technical and business teams to ensure policies are practical, up to date, and effectively implemented. Prepare documentation and responses for external audits and regulatory reviews (SOC 2, HIPAA, NAIC, etc.). Risk & Control Management: Maintain and update the enterprise risk register; coordinate quarterly reviews with domain owners. Map and test controls for effectiveness across security, privacy, and operational domains. Track accepted risks and mitigation plans; document and report on progress. Compliance & Audit Operations: Coordinate evidence collection and maintain audit readiness throughout the year. Assist with internal and third-party risk assessments. Support tabletop exercises and business continuity documentation. Process Maturity & Metrics: Build repeatable workflows for compliance, policy, and risk processes, starting from manual tools and scaling toward automation. Define and track KPIs for audit readiness, risk mitigation, and GRC effectiveness. Identify and implement opportunities for continuous improvement in collaboration with other teams. Team Development & Leadership Growth: Document procedures to enable future team scaling. Demonstrate ownership, initiative, and quality execution in all areas of GRC. Position yourself to grow into a leadership role as the GRC function expands. Qualifications
Bachelors degree in Cybersecurity, Information Systems, Business Administration, or equivalent experience. 57 years in security, audit, compliance, or risk roles, with experience supporting or running audits. Familiarity with SOC 2, HIPAA, NIST preferred. Excellent organizational and communication skills Ability to prioritize, self-direct, and execute with minimal supervision Strong process orientation and documentation habits Familiarity with regulatory frameworks and risk-based thinking Comfortable navigating between high-level strategy and detailed execution Interest in scaling a team and evolving into a GRC leadership role Why Join Us?
Opportunity to join an investment accounting function in a dynamic and growing insurance company. Competitive salary and benefits, including 401(k), health insurance, and performance-based bonuses. Collaborative and fast-paced work environment. Professional development and growth opportunities within the finance and investment space. Benefits
Competitive Salary & Target Bonus Program Retirement Savings 401(k) with a company match Comprehensive Medical insurance through BlueCross BlueShield of Texas. Company-paid dental, vision, short-term & long-term disability, and life insurance. Work-Life Balance This role offers 25 days of PTO, 10 paid holidays, and paid volunteer time off. Flexible Work Options & Perks Hybrid opportunity, wellness programs, and weekly paid lunch for onsite staff. Health Savings Accounts (HSA) & Flexible Spending Accounts (FSAs) Includes a company match for HSAs.
#J-18808-Ljbffr
SENIOR GRC ANALYST
(Full Time, Salary, Exempt) Looking to join a growing company dedicated to helping others? We offer that, plus competitive salaries, a culture of learning, and a fast-paced environment. Join our team to help make a difference in the lives of others! About Continental General
The Continental General family of companies has provided insurance, including life and long-term care policies, to individuals and groups for over 30 years, and currently supports over 100,000 policyholders. Both our insurance company, Continental General Insurance Company, and our third-party administrator, Continental General Services, are committed to the continuous development of our infrastructure, processes, and people. The group is actively growing through expansion of both its insurance portfolio and its administrative services. With each opportunity, we take a collaborative approach to address challenges and provide unique solutions. Position Overview
The Senior GRC Analyst will serve as the dedicated Governance, Risk, and Compliance (GRC) analyst for a growing security team. Own and mature the organizations GRC processesfrom risk registers and audit support to control testing and policy development. This role is foundational in aligning security initiatives to SOC 2, HIPAA, and NIST requirements. You will work closely with the Security Manager to operationalize compliance workflows, improve scalability, and eventually build and lead a formal GRC function. Responsibilities
Governance & Policy Development: Draft, maintain, and evolve information security policies, standards, and procedures aligned with regulatory frameworks. Collaborate with technical and business teams to ensure policies are practical, up to date, and effectively implemented. Prepare documentation and responses for external audits and regulatory reviews (SOC 2, HIPAA, NAIC, etc.). Risk & Control Management: Maintain and update the enterprise risk register; coordinate quarterly reviews with domain owners. Map and test controls for effectiveness across security, privacy, and operational domains. Track accepted risks and mitigation plans; document and report on progress. Compliance & Audit Operations: Coordinate evidence collection and maintain audit readiness throughout the year. Assist with internal and third-party risk assessments. Support tabletop exercises and business continuity documentation. Process Maturity & Metrics: Build repeatable workflows for compliance, policy, and risk processes, starting from manual tools and scaling toward automation. Define and track KPIs for audit readiness, risk mitigation, and GRC effectiveness. Identify and implement opportunities for continuous improvement in collaboration with other teams. Team Development & Leadership Growth: Document procedures to enable future team scaling. Demonstrate ownership, initiative, and quality execution in all areas of GRC. Position yourself to grow into a leadership role as the GRC function expands. Qualifications
Bachelors degree in Cybersecurity, Information Systems, Business Administration, or equivalent experience. 57 years in security, audit, compliance, or risk roles, with experience supporting or running audits. Familiarity with SOC 2, HIPAA, NIST preferred. Excellent organizational and communication skills Ability to prioritize, self-direct, and execute with minimal supervision Strong process orientation and documentation habits Familiarity with regulatory frameworks and risk-based thinking Comfortable navigating between high-level strategy and detailed execution Interest in scaling a team and evolving into a GRC leadership role Why Join Us?
Opportunity to join an investment accounting function in a dynamic and growing insurance company. Competitive salary and benefits, including 401(k), health insurance, and performance-based bonuses. Collaborative and fast-paced work environment. Professional development and growth opportunities within the finance and investment space. Benefits
Competitive Salary & Target Bonus Program Retirement Savings 401(k) with a company match Comprehensive Medical insurance through BlueCross BlueShield of Texas. Company-paid dental, vision, short-term & long-term disability, and life insurance. Work-Life Balance This role offers 25 days of PTO, 10 paid holidays, and paid volunteer time off. Flexible Work Options & Perks Hybrid opportunity, wellness programs, and weekly paid lunch for onsite staff. Health Savings Accounts (HSA) & Flexible Spending Accounts (FSAs) Includes a company match for HSAs.
#J-18808-Ljbffr