Senior Information Security Analyst GRC-Remote

At NCCI, we're looking for a Senior Information Security Analyst to join our team in developing and maintaining governance and risk (GRC) oversight programs. In this role, you'll develop and maintain NCCI’s information security standards, configurations, and policies. You'll be responsible for maintaining and implementing controls, developing controls inventory, and providing oversight with internal and external auditors.

This position has the potential to work remotely within the Eastern or Central time zones.

As a Sr Information Security Analyst, you'll work closely with our security team members to remediate risk while ensuring the business is able to innovate. In addition, you'll:

  • Create and maintain security documentation and configuration practices
  • Perform standards compliance monitoring for Infrastructure Systems
  • Participate in projects ensuring policies, programs, and standards are met
  • Manage the Security Awareness and Information Classification Programs, including:
    • Collaborating with business partners to provide guidance regarding the classification of information
    • Working with Human Resources to select and publish the annual security awareness training
    • Managing the Continuous Phishing simulations
    • Providing additional security awareness
  • Administer and manage security operations, including PAM, IAM, Encryption Management (i.e., PKI, PGP, SSH), Message Hygiene, Web Filtering, Microsoft 365 Security, Endpoint Protection


  • Bachelor’s degree or related experience
  • 4+ years experience in Information Security or IT administration
  • Certification in one of the following: CompTIA Security+, SANS GSEC, ISC2 SSCP, CompTIA CySA+
  • Experience administering and supporting one or more security operations solutions:
    • Microsoft 365 security, Privileged Access Management (PAM), Identity and Access Management (IAM), PKI, Web Filtering, Security Awareness, Endpoint Security
  • Knowledge of IT systems, networking and information security concepts, principles, practices, standards, and control frameworks
  • Strong client facing skills with ability to participate in/lead conversations and communicate business risks as they relate to information security
  • Basic scripting experience and knowledge of programming languages (Java, .NET, PERL, etc.)
  • Strong organizational, planning, written and verbal communication, and troubleshooting skills
  • Effective decision-making skills and ability to work independently
  • Maintain a high-level of professionalism and confidentiality
  • Ability to be on-call and work outside of regular business hours as needed


  • Competitive starting salary with a targeted annual performance bonus
  • Wonderful team of dynamic people to work with who are fun, caring, and friendly
  • Fantastic benefits package
  • Phenomenal work environment with perks including an onsite café and coffee shop, employee activities, fitness center, and sports leagues

Zach Wierzba 
Sr Talent Acquisition Specialist


NCCI Holdings, Inc. is an Equal Opportunity Employer. It is our policy to provide equal opportunities to our employees (for example, in hiring, promotions, training) and to all job applicants, and to maintain a work environment free of discrimination on the basis of race, creed, color, national origin, marital and veteran status, gender, age, status as a qualified individual with a disability, religion, sexual orientation and gender identity or expression, genetic information, or any other basis prohibited by law. This policy applies to all employees and job applicants for employment.

We require a drug screen and background check. Smoke Free environment.