• Responsible for ensuring the platform’s compliance with U.S. federal and state regulations by monitoring regulatory changes, interpreting legal requirements, and translating them into clear processes, controls, and workflows. • Manage compliance programs, oversee risk and credentialing requirements, support contract and documentation compliance, and collaborate with cross-functional teams to maintain accuracy, mitigate risks, and drive continuous improvement. • Monitor state-by-state NP scope of practice laws and requirements. • Track updates from Boards and legislative bodies. • Maintain a regulatory change log and alert system. • Maintain a centralized repository of state requirements. • Validate against primary sources. • Conduct periodic audits. • Build scalable compliance framework. • Maintain risk register and mitigation plans. • Conduct license and DEA verification. • Monitor onboarding compliance requirements. • Maintain compliant agreement templates. • Ensure state-specific requirements are reflected. • Support Product, Ops, and Growth teams. • Translate regulations into workflows. • Report on compliance KPIs. • Conduct audits and improvements. • Validated state regulatory database. • Regulatory monitoring system. • Compliance SOPs. • License tracking system. • Risk assessment roadmap.

• Drive member usage and engagement with Quality Reporting and Healthy Planet tools • Work directly with Account Managers, members, and customers • Assist with training and solicit input back to management on tool usage • Manage and drive engagement strategies • Provide one-on-one support for members and customers • Engage Account Managers and analysts in member outreach calls • Facilitate member engagement forums and workgroups • Research, identify, and implement best practices

Role Description As the Head of IT, Compliance & Operational Excellence at TrustYou, you will be responsible for Internal Operations and Office IT, driving the optimization of internal systems, SaaS tools, compliance, and business processes to enhance efficiency and support scalable growth across the organization. Reporting directly to the CFO, you will lead a small team while implementing improvements that streamline workflows, boost productivity, and enable the company to operate effectively across international teams. - Leading internal operations and the office IT team, ensuring reliable IT infrastructure, device lifecycle management, access provisioning, and onboarding processes. - Owning the internal systems and SaaS ecosystem, managing tools, vendors, licenses, renewals, and optimizing operational IT spend. - Driving compliance and governance, coordinating SOC2 readiness, GDPR processes, company policies, and supporting internal and external audits. - Supporting process innovation, structuring the company’s knowledge and data, driving workflow improvements, and prototyping efficiency solutions. - Promoting operational excellence by identifying bottlenecks, implementing scalable processes, improving collaboration, and providing leadership with insights on efficiency and system usage. Qualifications - Bachelor’s or higher degree in business administration, information systems, operations management, or a related field. - 6–10 years of professional experience in business operations, internal systems, IT operations, consulting, or audit, ideally in technology or SaaS companies. - Proven ability to manage teams, internal systems, and SaaS tools in a global organization. - Experience with process optimization, AI tools, or automation initiatives is a strong plus. - Solid understanding of internal governance, compliance frameworks, and operational best practices. - Structured, analytical, and hands-on approach to problem solving. - Ability to collaborate across Finance, Legal, HR, and commercial teams. - Fluency in English (Must); German is a plus. Benefits - Working in a global, diverse, and collaborative team. - Flexible working hours that allows you the freedom to shape your work-life. - Remote-friendly environment. - On-going career development, training, and coaching. - Six days for learning & development. - Celebrate in style at our team events (in-person and virtually). - Social benefits and perks based on location.

Title: Governance, Risk, & Compliance Analyst Location: Glen Allen, VA Urbandale, IA United States Category: Information Technology Job Description: Company Details Berkley Regional Shared Services (BRSS) is the service provider for the Regional Segment of W. R. Berkley Corporation, a Fortune 500 Commercial Lines Insurance Company. With key locations across the United States, BRSS provides insurance service support to our six Regional Segment companies, allowing them to focus on their unique competitive advantages and differentiators within their local marketplaces. BRSS's wide reach ensures that ideas and opinions are considered at every level of the organization to guarantee we find the best solutions possible. Driven by a commitment to collaboration, BRSS partners with our customers and Operating Units by providing comprehensive solutions that not only address the challenge at hand, but proactively plan for the "What's Next" in our industry and beyond. Our mission is to drive transformation and provide exceptional capabilities and service to the operating units. BRSS generates meaningful and measurable value by delivering insights for our customers, partners, and shareholders using data and analytics. Our vision is to enable operating unit profit and growth objectives by designing and delivering scalable solutions. With a culture centered on innovation and service stewardship, BRSS stands as a community of leaders with eyes toward the future -- leaders who truly care about growing not only their team members, but themselves, and take pride in their employees who shine. BRSS offers endless ways to get involved and have the chance to grow your career into a wide range of roles. Come join us as we push forward into the future of industry leading technology and service solutions. This role will be based in one of the locations listed below where we offer a hybrid work schedule with 4 days in the office; and 1 day remote. - Glen Allen, VA - Urbandale, IA The company is an equal opportunity employer. #LI-hybrid, #LI-LD1 Responsibilities As a Governance, Risk, & Compliance Analyst, you will support the W. R. Berkley Regional Segment by executing and documenting IT governance, risk, and compliance activities across Regional Operating Units (OUs) and supporting systems. The role is primarily responsible for performing Sarbanes‑Oxley (SOX) IT control testing, supporting internal and external audit and regulatory inquiries, and assisting with remediation of control findings to ensure compliance with WRB Corporate, regulatory, and industry standards. In addition, the GRC Analyst assists in the development, maintenance, and standardization of RSS GRC processes and documentation; supports disaster recovery and business continuity planning and testing; and provides Third‑Party Risk Management (TPRM) coordination and support for Regional Segment OUs. The position works closely with RSS IT, WRB Corporate GRC, audit partners, and Regional OU stakeholders to gather evidence, document processes, and ensure that GRC policies, standards, and controls are consistently understood and applied. What you can expect: - Culture of innovation, teamwork, supportive colleagues and leaders willing to invest in talent. - Internal mobility opportunities. - Visibility to senior leaders and partnership with cross functional teams. - Opportunity to impact change.Benefits - competitive compensation, paid time off, comprehensive wellness benefits and programs, employer funded health savings account, profit sharing, 401k, paid parental leave, employee stock purchase plan, tuition assistance and professional continuing education. We'll count on you to: Execute WRB Corporate GRC Control Assessments (SOX): - Execute WRB Corporate IT GRC control assessments for applications and systems subject to SOX requirements. - Perform quarterly WRB Corporate‑mandated compliance testing, including control procedures, user access reviews, and evidence validation. - Evaluate new GRC, audit, and regulatory requests to ensure testing approaches and documentation adequately support required responses. - Participate in GRC review meetings to validate completeness and accuracy of test documentation and evidentiary materials prior to submission in GRC tracking systems. - Maintain a working knowledge of applicable compliance tools, methodologies, and subject business systems. Assist with GRC Process and Standards Development: - Assist in the research, development, and documentation of RSS GRC standards, procedures, and guidelines. - Review and evaluate new or proposed internal and external compliance requirements to ensure RSS GRC processes align with evolving standards. - Support efforts to standardize GRC practices across Regional OUs and recommend process improvements to senior RSS GRC leadership. - Maintain and update documentation related to GRC review schedules, evidence sources, and assessment artifacts. Support Audit Response and Issue Remediation: - Analyze GRC assessment results, audit findings, and exception requests and coordinate with senior RSS GRC personnel on appropriate responses. - Monitor WRB Corporate IT GRC findings and support remediation tracking and response documentation. - Assist in responding to regulatory inquiries affecting Regional OUs, including coordination of corrective actions and supporting documentation. Disaster Recovery & Business Continuity Planning: - Support the maintenance and updating of Regional OU‑specific and RSS IT disaster recovery and business continuity plans. - Participate in DR/BCP testing activities and document results, gaps, and follow‑up actions. - Assist the RSS GRC Manager in developing and refining DR/BCP processes, procedures, and supporting documentation. Third‑Party Risk Management (TPRM) Support: - Assist Regional OU stakeholders with initiating TPRM reviews for new third‑party engagements or material changes in vendor scope. - Serve as a liaison between Regional OUs, WRB TPRM teams, and third parties to facilitate information and evidence exchange. - Support documentation and evidence collection during TPRM assessments and reviews. - Escalate identified information security incidents or compliance concerns to RSS GRC leadership for coordination with TPRM and Information Security teams. - Assist in validating third‑party findings, remediation plans, and closure activities. Qualifications What you need to have: - Bachelor's Degree in relevant discipline or equivalent combination of education and experience. - Experience with SOX and/or GRC control assessment and responding to internal/external audit inquiries, including development of remediation plans as needed. - Experience evaluating and applying risk management principles with a focus on information security and data privacy. - Experience with Disaster Recovery (DR) and Business Continuity Planning (BCP) concepts, development, and testing. - Knowledge/understanding of COBIT, COSO-ICIF, ITIL, ISO 27001, and/or Model Audit Rule 205 frameworks as well as other applicable legislation - e.g. SOX, GDPR, HIPAA, NY DFS, etc. - Strong computer skills, including Microsoft M365 products and related analytical/presentation tools (e.g. Excel, PowerPoint, Visio, etc.) as well as Artificial Intelligence (AI) concepts and tools. Knowledge of SQL, PowerBI, Python, and/or other analytical/development tools. - Knowledge of data management, reporting tools, and their use in compiling needed GRC information. - Working knowledge of Software Development Life Cycle (SDLC) and Agile development frameworks. - Reasoning Ability: Solve practical problems, interpret varied instructions, and apply critical thinking to evaluate information and produce accurate, clear, and relevant conclusions. - Communication Skills: Communicate effectively in a professional environment, including reading and interpreting business and regulatory materials, writing clear documentation, and presenting information to diverse audiences. - Organizational Skills: Prioritize and manage workload, develop and execute project plans, and work effectively across multiple concurrent tasks to meet deadlines. - Personal Qualities and Characteristics: Demonstrate agility, accountability, independence, initiative, sound judgment, collaboration, and strategic thinking while adapting to change and aligning work with business objectives. Additional Company Details We do not accept any unsolicited resumes from external recruiting agencies or firms. The company offers a competitive compensation plan and robust benefits package for full time regular employees. The actual salary for this position will be determined by a number of factors, including the scope, complexity and location of the role; the skills, education, training, credentials and experience of the candidate; and other conditions of employment.