Allied World
Senior Governance Specialist (Information Technology)
Job Title: Senior Governance Specialist
Department: Information Technology
Location: Farmington, CT
Reporting Structure:
• Reports to: AVP, Enterprise and Cyber Governance Lead
• Partnership: Collaborates closely with IT, Cyber and the Enterprise Risk Management (ERM) team
Take the next step in your career with us.
Allied World is an ideal place for talented professionals who are driven by a belief in the value of collaboration and the power of knowledge.
We believe that when our great people work together and support one another, our clients receive the best solutions. We embrace unique perspectives and empower each person to grow through professional development, career training and mentoring programs.
Our people are our most important asset, and we are very proud of the quality of our team members.
Job Summary: The Senior Governance Specialist will be responsible for developing and maintaining policies that align with internal frameworks and external regulatory requirements. This role requires strong knowledge of cybersecurity and enterprise frameworks (e.g., NIST, COBIT, CIS) and the ability to translate complex regulatory requirements into clear, actionable policies. The ideal candidate will collaborate with cross-functional teams to ensure policies drive compliance, governance maturity, and operational resilience. Exceptional writing and communication skills are essential for success in this role.
Job Duties:
1. Risk Identification and Assessment:
• Conduct regular risk assessments to identify and evaluate potential threats to enterprise and cyber security.
• Utilize frameworks like NIST 2.0, CIS Version 8, and COBIT for structured risk identification and evaluation.
2. Risk Reporting:
• Develop and implement a reporting structure for communicating risk findings to the Governance lead and CISO, in partnership with the Enterprise Risk Management (ERM) team.
• Ensure reports are clear, concise, and actionable, providing insights into potential impact and recommended mitigation strategies.
3. Policy Development and Implementation:
• Collaborate with relevant stakeholders to develop IT governance policies and procedures.
• Ensure these policies align with industry best practices and regulatory requirements.
4. Compliance and Framework Integration:
• Ensure the organization's IT governance practices comply with relevant frameworks, including:
• NIST 2.0 (National Institute of Standards and Technology): Focus on identifying, protecting, detecting, responding, and recovering from cybersecurity threats.
• CIS Version 8 (Center for Internet Security): Implement critical security controls to defend against prevalent cyber threats.
• COBIT (Control Objectives for Information and Related Technologies): Provide a comprehensive framework for IT management and governance to ensure IT alignment with business goals.
5. Risk Mitigation and Control Implementation:
• Work with IT and business units to implement controls and safeguards to mitigate identified risks.
• Monitor the effectiveness of these controls and adjust strategies as necessary.
6. Training and Awareness:
• Develop and conduct training programs to raise awareness of IT governance and cyber risk management across the organization.
• Ensure that all employees understand their roles in maintaining security and compliance.
7. Continuous Improvement:
• Regularly review and update IT governance practices to reflect changes in the threat landscape and business environment.
• Foster a culture of continuous improvement and proactive risk management.
Job Requirements:
1. Education and Experience:
• Bachelor's degree in Cybersecurity, Information Technology, Business Administration, or a related field.
• 3+ years of experience in governance, risk, and compliance (GRC) or a related role with a focus on policy development.
2. Technical Knowledge:
• Strong understanding of cybersecurity and enterprise frameworks (e.g., NIST CSF, COBIT, CIS, ISO 27001).
• Familiarity with regulatory requirements and standards such as DORA, GDPR, NIS2, or other relevant industry-specific regulations.
• Knowledge of operational and cyber resilience principles.
3. Skills and Competencies:
• Proven ability to write clear, concise, and actionable policies tailored to both technical and non-technical audiences.
• Strong analytical skills to interpret regulatory requirements and framework controls.
• Excellent verbal and written communication skills.
• Ability to collaborate with cross-functional teams and stakeholders.
• Proficiency in governance, risk, and compliance (GRC) tools is a plus.
4. Certifications (Preferred but not required):
• Certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), or Certified in Governance of Enterprise IT (CGEIT).
5. Personal Attributes:
• Detail-oriented with a commitment to accuracy and quality.
• Proactive and adaptable in responding to evolving regulatory landscapes.
• Strong organizational skills with the ability to manage multiple priorities.
• A collaborative mindset and willingness to engage with diverse teams.
Working at Allied World
Our team of over 1,400 professionals has deep expertise in the industry. They enjoy their work, and many have served for several years. This is what you can expect when you join us:
Global Presence
We are headquartered in Bermuda, with offices in Atlanta, Boston, Chicago, Costa Mesa, Dallas, Dublin, Farmington (CT), Hong Kong, London, Los Angeles, Malaysia, Miami, New York, Philadelphia, San Francisco, Singapore, Sydney, Toronto and Zug.
Our Business
Allied World Assurance Company Holdings, Ltd, through its subsidiaries, is a global provider of insurance and reinsurance solutions. We operate under the brand Allied World and have supported clients, cedents and trading partners with thoughtful service and meaningful coverage since 2001. We are a subsidiary of Fairfax Financial Holdings Limited, and benefit from a worldwide network of affiliated entities that allows us to think and respond in non-traditional ways.
Allied World is an equal opportunity employer. Subject to applicable law, all qualified applicants will be considered for employment without regard to race, color, religion or belief, gender, age, disability, military service, marital or civil partnership status, family status, sexual orientation, ethnic or national origin, genetic information or any other characteristic protected by applicable law or regulation in the relevant jurisdiction where we operate.
To learn more, visit awac.com, or follow us on Facebook at facebook.com/alliedworld and LinkedIn at linkedin.com/company/allied-world.