Senior IAM EngineerAcrisure LLC • Oklahoma City, OK, United States
No longer accepting applications
Senior IAM Engineer
Acrisure LLC • Oklahoma City, OK, United States
4 days ago
Job type
- Full-time
Job descriptionSupport the enterprise risk management (ERM) program by identifying, assessing, tracking, and reporting technology and cybersecurity risks. Facilitate risk assessments for new products, third parties, and major projects; ensure mitigation plans are defined and tracked to closure. Maintain and enhance the risk register, including metrics for likelihood, impact, and residual risk. Collaborate with AppSec, Cloud, and IAM teams to quantify risk using data (e.g., vulnerability counts, MTTR, compliance exceptions) rather than qualitative labels alone. Produce risk reports and heatmaps for leadership and steering committees. Lead or support internal and external audits (SOC, NYDFS, Texas DOB), coordinating evidence collection and control owner interviews. Build evidence-as-code patterns - automating artifact collection through existing systems (e.g., Azure, AWS, Jira, ServiceNow, Wiz, Splunk). Maintain an annual audit calendar and ensure recurring control testing is timely and consistent. Track and verify remediation of findings; document and report status to management and auditors. Manage and mature the vendor security review process, including questionnaire assessments, evidence validation, and risk scoring. Coordinate security due diligence for acquisitions, technology partners, and critical service providers. Collaborate with Procurement and Legal to ensure contracts include appropriate security, privacy, and data protection clauses. Maintain a vendor risk register and report exposure by category and criticality. Develop and publish periodic metrics and dashboards showing control health, risk posture, and compliance status. Communicate risk and compliance expectations to business and technical stakeholders in clear, actionable language. Support security awareness and training campaigns, focusing on control ownership and policy alignment. Participate in tabletop exercises and incident post-mortems to ensure lessons learned are captured as control improvements. 3-5 years of experience in Information Security, IT Audit, or GRC roles. Working knowledge of at least one major control framework (e.g., NIST CSF, ISO 27001, SOC 2, PCI-DSS, or CIS Controls). Experience with risk assessment methodologies and familiarity with quantitative or semi-quantitative models. Strong organizational skills and ability to manage multiple assessments, audits, and remediation efforts in parallel. Proficiency with GRC or risk management platforms (e.g., Archer, ServiceNow GRC, LogicGate, Tugboat Logic, Drata, or similar). Understanding of cloud service provider shared responsibility models (AWS, Azure, GCP). Excellent written and verbal communication skills, with the ability to translate technical control results into executive-ready summaries. Experience in an acquisitive environment, helping standardize and integrate controls across multiple business units or subsidiaries. Familiarity with data privacy regulations (GDPR, CCPA, GLBA) and privacy impact assessments. Knowledge of secure software development life cycle (SSDLC) governance and control testing. Experience supporting external attestations or certifications (SOC 2 Type II, ISO 27001, PCI-DSS). Relevant certifications such as CISA, CRISC, CISSP, ISO 27001 Lead Implementer / Auditor, or CCSK. Enablement mindset : You see governance as a way to empower teams, not block them. Curiosity : You dig into how controls really work in technical systems, not just on paper. Precision : You care about evidence quality and clarity of documentation. Collaboration : You work cross-functionally with engineers, legal, and executives to close risk gaps. Communication : You distill complex regulatory and control requirements into understandable, actionable guidance. Physical Wellness : Comprehensive medical insurance, dental insurance, and vision insurance; life and disability insurance; fertility benefits; wellness resources; and paid sick time. Mental Wellness : Generous paid time off and holidays; Employee Assistance Program (EAP); and a complimentary Calm app subscription. Financial Wellness : Immediate vesting in a 401(k) plan; Health Savings Account (HSA) and Flexible Spending Account (FSA) options; commuter benefits; and employee discount programs. Family Care : Paid maternity leave and paid paternity leave (including for adoptive parents); legal plan options; and pet insurance coverage. ... and so much more!
Department : I nformation Security
Reports to : Senior Director, Information Security
Role Summary
You will be a hands-on GRC professional who builds, monitors, and improves the frameworks that keep our organization compliant, resilient, and risk informed. You'll work across technology, operations, and product teams to assess control effectiveness, manage audits, and translate regulatory requirements into actionable, measurable security practices.
Success in this role means turning governance into enablement - helping teams move faster by defining clear expectations, automating evidence, and maintaining trust with our customers, auditors, and partners.
What You'll Do (Core Responsibilities)
Governance and Control Frameworks
- Maintain and evolve the company's Information Security Governance Framework, aligning with NIST CSF, NIST 800-53, ISO 27001, SOC 2, PCI-DSS, and other relevant standards.
- Map security controls across frameworks to identify overlaps, gaps, and opportunities for simplification and automation.
- Draft, update, and maintain policies, standards, and procedures in partnership with subject-matter experts across InfoSec, IT, Legal, and Engineering.
- Support the implementation and measurement of control effectiveness through dashboards and continuous monitoring programs.
Risk Management
Compliance and Audit Readiness
Third-Party Risk Management
Awareness, Reporting, and Enablement
Minimum Qualifications
Preferred Qualifications
Behavioral Competencies
#Auris
Candidates should be comfortable with an on-site presence to support collaboration, team leadership, and cross-functional partnership.
Why Join Us :
At Acrisure, we're building more than a business, we're building a community where people can grow, thrive, and make an impact. Our benefits are designed to support every dimension of your life, from your health and finances to your family and future.
Making a lasting impact on the communities it serves, Acrisure has pledged more than $22 million through its partnerships with Corewell Health Helen DeVos Children's Hospital in Grand Rapids, Michigan, UPMC Children's Hospital in Pittsburgh, Pennsylvania and Blythedale Children's Hospital in Valhalla, New York.
Employee Benefits
We also offer our employees a comprehensive suite of benefits and perks, including :
This list is not exhaustive of all available benefits. Eligibility and waiting periods may apply to certain offerings. Benefits may vary based on subsidiary entity and geographic location.
Acrisure is an Equal Opportunity Employer. We consider qualified applicants without regard to race, color, religion, sex, national origin, disability, or protected veteran status. Applicants may request reasonable accommodation by contacting leaves@acrisure.com.
California Residents : Learn more about our privacy practices for applicants by visiting the Acrisure California Applicant Privacy Policy.
Recruitment Fraud : Please visit here to learn more about our Recruitment Fraud Notice.
Welcome, your new opportunity awaits you.
Create a job alert for this search
Senior Engineer Iam • Oklahoma City, OK, United States
Related jobs
The Senior Software Engineer - aiR for Review designs, builds, and operates the next generation of generative AI-driven, cloud-native web applications that are transforming our business and industr...Show more
We are seeking a motivated and detail-oriented Night Manager to support the Account Manager.The ideal candidate will assist in maintaining and growing the relationship, ensuring customer satisfacti...Show more
DCS has an exciting opportunity for a SeniorSystems Engineer providing support to the Air Force Life Cycle Management Center / PEO Digital Directorate (AFLCMC / WIW).
The Air Force Program Execution Off...Show more
DCS has an exciting opportunity for a.Air Force Life Cycle Management Center / PEO Digital Directorate (AFLCMC / WIW).The Air Force Program Execution Office for PEO ISR (AFPEO / HBS) has the collective A...Show more
Find your calling at Mercy! Position Details : Mercy Hospital - W Memorial Rd Imaging Service Administration Full Time Overview : Under the direction of the Executive Director of Oncology and Imaging...Show more
Do you love the Bible and also enjoy writing code and processing data? This role may be for you!.The YouVersion Senior Data Engineer role will be responsible for providing data engineering support...Show more
Rubrik is looking for Inside Sales Engineers.As an Inside Sales Engineer, you will receive on the job training with our Field and Sales Engineering teammates.
We are expanding our team and investing...Show more)
A3T’s Public Key Infrastructure (PKI) Application Administrator (CAA) supports our team in execution of application support, security and administration to a federal government agency and its...Show more
The Sales Engineer is responsible for executing strategic and tactical selling and demand generation strategies that accomplish overall company objectives and support attainment of sales, order and...Show more
Our rapidly growing team specializes in threat hunting, analyzing indicators of compromise (IOCs), investigating security incidents, managing incident responses, and conducting digital forensics ac...Show more
Senior Supplier Quality Engineer (Oklahoma City, OK).At Smith+Nephew we design and manufacture technology that takes the limits off living.
Among other activities, the Supplier Quality Engineer (SQE...Show more
Position P2 is looking for a talented software engineer to lead one of our project teams.This role will not only be the lead engineer on the team, but also provide guidance and mentorship to the re...Show more A3T’s Public Key Infrastructure (PKI) Application Administrator (CAA) supports our team in execution of application support, security and administration to a federal government agency and its...Show more 
Applications for this position.City of Midwest City employment application to be considered.Individual resumes without a completed City employment application.
The City of Midwest City is accepting ...Show more
QuickMD is a leading telemedicine provider, delivering high-quality virtual care across 44 states.Since our founding in 2019, we have helped more than 100,000 patients access essential medical trea...Show more Find your calling at Mercy! Position Details : Location : Mercy Outpatient Surgery Center - Edmond I-35 Shift : Full Time (40 hours / week) Schedule : 8-hr shifts Monday-Friday Overview : Maintains profes...Show more The YouVersion Senior Site Reliability Engineer is responsible for ensuring the integrity, performance, reliability, and cost-effectiveness of the cloud-based infrastructure and related systems sup...Show more 
Emergency Medicine physician employment in Oklahoma : TeamHealth has an excellent opportunity for a full-time emergency medicine (EM) physician to join our team at Integris Canadian Valley Hospital...Show more
Senior Software Engineer
Relativity • Oklahoma City, OK, United States
Full-time
Last updated: 30+ days ago • Promoted
Manager Overnight
ABM Industries • Edmond, OK, US
Full-time
Last updated: 16 days ago
Systems Engineer, Senior - TS
DCS Corporation • Oklahoma City, Oklahoma, US
Full-time
Last updated: 20 days ago • Promoted
Systems Engineer, Senior - TS
DCS Corp • Oklahoma City, OK, US
Full-time
Last updated: 16 days ago • Promoted
Director - Imaging Services
Mercy • Village, OK, US
Full-time
Last updated: 3 days ago • Promoted
Senior Data Engineer
Life.church • Edmond, Oklahoma, United States
Full-time
Last updated: 30+ days ago • Promoted
Inside Sales Engineer
Oklahoma Staffing • Oklahoma City, OK, US
Full-time
Last updated: 15 days ago • Promoted
PKI Systems Administrator (CAA)
Agil3 Technology Solutions (A3T) • Tinker AFB, OK, US
Full-time
Quick Apply
Last updated: 30+ days ago
Sales Engineer (OK, N. TX & N. LA)
Benshaw Inc. • Oklahoma City, OK, US
Full-time +2
Quick Apply
Last updated: 22 days ago
Senior Security Engineer - Data Loss Prevention Operations
Oracle • Oklahoma City, OK, United States
Full-time
Last updated: 10 days ago • Promoted
Senior Supplier Quality Engineer
Smith & Nephew, Inc. • Oklahoma, OK, US
Full-time
Quick Apply
Last updated: 2 days ago
Senior Software Engineer
Phase 2 • Oklahoma City, OK, US
Full-time
Quick Apply
Last updated: 30+ days ago
Application Administrator (CAA)
Agil3 Technology Solutions (A3T) • Tinker AFB, OK, US
Full-time
Quick Apply
Last updated: 30+ days ago
Capital Projects Engineer
City of Midwest City • Midwest City, OK, USA
Full-time
Quick Apply
Last updated: 30+ days ago
Telemedicine Physician
QuickMD • Wayne, OK, US
Full-time
Last updated: 30+ days ago • Promoted
GI Endoscopy Technologist Lead - Outpatient Surgery Center
Mercy • Edmond, OK, US
Full-time
Last updated: 3 days ago • Promoted
Senior Site Reliability Engineer
Life.church • Edmond, Oklahoma, United States
Full-time
Last updated: 30+ days ago • Promoted
Emergency Medicine
Team Health • Yukon, Oklahoma, US
Full-time +1
Last updated: 30+ days ago • Promoted