We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
James River Management Company jobs

Information Security Compliance Analyst I (Information Technology)

James River Management Company
United States, Virginia, Richmond
6641 West Broad Street (Show on map)
Nov 18, 2025

Come grow with James River Insurance!


James River Insurance is an excess and surplus lines segment of James River Group Holdings, Ltd. and operates on an approved non-admitted basis in 50 states and Washington, DC. Since 2003, James River has provided thousands of commercial property and casualty customers with innovative and creative solutions for particular insurance needs.


At James River Insurance, we are committed to providing a stable and rewarding work environment supported by our Core Values and Guiding Principles: Integrity, Accountability, Innovation, Customer Service, Communication, and Teamwork. We are proud of being recognized the past 5 years as one of The Top Workplaces USA.


James River Group Holdings, Ltd. is a Bermuda-based insurance holding company which owns and operates a group of specialty insurance and reinsurance companies. The Company operates in two specialty property and casualty insurance segments: Excess and Surplus Lines and Specialty Admitted Insurance. The Company tends to focus on accounts associated with small or medium-sized businesses in each of its segments. Each of the Company's regulated insurance subsidiaries are rated "A-" (Excellent) by A.M. Best Company.


Job Summary


The Information Security Compliance Analyst I supports cybersecurity compliance and risk management matters, working closely with IT members, business partners, and internal and external auditors and regulators. This position impacts James River's security posture, including contributing to cybersecurity policy development & awareness, identity & access management, and data governance initiatives.



Duties and Responsibilities



  • Continuously exhibit and uphold Core Values of Integrity, Accountability, Communication and Teamwork, Innovation and Customer Service


  • Maintain, and refine cybersecurity risk management practices using established frameworks such as NIST CSF and ISO 27001


  • Assist with the creation and maintenance of information security policies, standards, procedures, and guidelines
  • Assist with the preparation and review of control narratives and descriptions
  • Assist with the maintenance of risk registers and risk/control matrices
  • Maintain performance metrics for the security compliance program
  • Utilize security compliance tools and identify opportunities for improvements and reporting
  • Collaborate with the security team, IT, and business partners to document security controls, identify gaps and implement new controls
  • Assist with the performance of security assessments to ensure that management, operational, and technical security controls are properly implemented and maintained
  • Partner with internal and external auditors and regulators to demonstrate cybersecurity compliance and build attainable plans to remediate deficiencies
  • Participate in the planning and testing of cybersecurity incident response activities, including coordination with internal stakeholders
  • Keep abreast of current threats and vulnerabilities and alert IT and Information Security teams
  • Maintain awareness of information security best practices and evaluate their applicability to James River
  • Stay current with latest changes in external cybersecurity compliance initiatives that may affect the organization's external requirements
  • Drive security awareness activities to improve business and IT security knowledge and practices



Knowledge, Skills and Abilities



  • Knowledge of foundational cybersecurity policy, compliance, and risk management principles
  • Knowledge of Agile development methodology
  • Ability to think laterally and innovatively while implementing security improvements that suit business risk tolerance
  • Methodical, data-driven approach to security and risk analysis
  • Ability to convey technical process information in a clear and concise manner
  • Strong desire for continuous improvement
  • Ability to identify, recommend and implement innovative solutions
  • Ability to partner with senior team members to write policies, procedures, and assessments
  • Proactive and results-driven work ethic
  • Excellent organizational skills
  • Solid written, verbal, and presentation skills
  • Ability to successfully prioritize and manage deadlines
  • Ability to effectively communicate with peers and senior staff
  • Ability to organize complex information, pay close attention to detail and handle multiple tasks
  • Ability to work successfully as an individual contributor and in a team environment



Experience and Education



  • Bachelor's Degree in related field (IT, IS, Computer Science) or equivalent combination of education, training and experience required
  • Minimum of two years of related experience (general cybersecurity) required
  • Certifications (Security+, CISA, or equivalent professional certificate) preferred



#LI-JB1

Please note that this position is not eligible for H-1B visa sponsorship. All applicants must be currently authorized to work in the United States on a full-time basis without the need for current or future H-1B sponsorship.

Applied = 0
MORE JOBS LIKE THIS

(web-f6fc48fb5-k5dx2)