Security Engineer II

WHO WE ARE:

Zinnia is the leading technology platform for accelerating life and annuities growth. With innovative enterprise solutions and data insights, Zinnia simplifies the experience of buying, selling, and administering insurance products. All of which enables more people to protect their financial futures. Our success is driven by a commitment to three core values: be bold, team up, deliver value – and that we do. Zinnia has over $180 billion in assets under administration, serves 100+ carrier clients, 2500 distributors and partners, and over 2 million policyholders.

WHO YOU ARE:

We are seeking motivated and detail-oriented to join our Information Security team within the Governance, Risk & Compliance (GRC) function. The Security Engineer will support the organization in establishing, maintaining, and monitoring security controls, regulatory compliance activities, risk management processes, and overarching governance initiatives. This role involves working closely with senior team members to gain exposure to industry-leading security frameworks and regulatory requirements, ensuring that the organization maintains a robust security posture.

WHAT YOU’LL DO

• Contribute to the development, enhancement, and maintenance of enterprise IT policies, standards, and procedural documentation
• Assist in conducting IT risk assessments, analyzing identified risks, and supporting the maintenance of the enterprise risk register
• Support compliance initiatives associated with industry standards and regulatory requirements such as ISO 27001, NIST CSF, PCI DSS, and related frameworks.
• Assist in audit-related activities by gathering evidence, preparing documentation, and supporting responses for internal audits, external audits, regulatory examinations, and client assessments (e.g., SOC 2, onsite reviews, RFPs, and due-diligence requests).
• Support monitoring activities related to IT control effectiveness, third-party/vendor compliance, and adherence to cybersecurity best practices.
• Assist in preparing GRC dashboards, status reports, and key performance metrics for senior management review.
• Contribute to the coordination and execution of security awareness initiatives, staff training sessions, and compliance communication programs.
• Collaborate with IT Security, Operations, Risk Management, and other cross-functional teams to ensure consistency with organizational governance requirements.
• Remain informed about emerging regulations, industry developments, and evolving compliance obligations, and assist in evaluating their potential impact on internal policies and controls.

WHAT YOU’LL NEED

• Minimum 2 years of relevant experience. 
• Foundational understanding of IT governance frameworks (e.g., COBIT, ISO 27001, NIST, ITGC).
• Basic awareness of technology risk management and regulatory compliance principles.
• Exposure to audit methodologies, including internal audits, external audits, and regulatory inspections.
• Understanding data protection requirements, IT control categories, and information security standards.
• Familiarity with GRC platforms, risk-management workflows, and reporting dashboards is advantageous
• Strong desire to develop a career in IT governance, risk management, and compliance.
• High level of attention to detail and strong organizational capabilities.
• Ability to follow structured processes, adhere to established controls, and maintain documentation accuracy.
• Professional demeanor and strong interpersonal skills to engage effectively with cross functional teams
• Bachelor’s degree in computer science, Information Technology, Information Systems, or related discipline.
• Strong analytical, communication, and documentation skills.
• Basic understanding or demonstrated willingness to learn IT security concepts, risk management principles, and compliance frameworks.
• Any relevant certifications in IT governance, risk management, or compliance will be considered as a plus but not mandatory.

WHAT’S IN IT FOR YOU?
We’re looking for the best and brightest innovators in the industry to join our team. At Zinnia, you collaborate with smart, creative professionals who are dedicated to delivering cutting-edge technologies, deeper data insights, and enhanced services to transform how insurance is done. Visit our website at www.zinnia.com for more information. Apply by completing the online application on the careers section of our website. We are an Equal Opportunity employer committed to a diverse workforce. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability.