Job Description

We’re looking for a detail-oriented compliance and risk analyst to help us keep our clients’ security needs in check and ensure our firm stays on top of its game. Here’s what you’ll be doing:

Client Security Support

• Quickly respond to security-related questions from clients and potential clients.

• Keep track of security questionnaires and follow up on any loose ends.

• Team up with various departments—like legal, IT, and compliance—to collect info, solve problems, and make sure we’re meeting client expectations.

External Security Audits (ISO27001, Software Audits, etc.)

• Help plan and take part in efforts to keep our ISO27001 certification current.

• Organize regular check-ins on our risk management practices.

• Pull together the evidence needed for external audits, whether for ISO or client requirements.

Vendor Oversight

• Build and maintain a solid list of our key service providers to help us spot and manage risks.

• Work with different teams to keep vendor records up to date.

• Assess risks for high-priority vendors and coordinate fixes when issues pop up.

• Partner with our compliance crew to ensure vendor contracts are reviewed properly.

Internal Compliance

• Collaborate with IT, leadership, and other teams to create risk management policies, procedures, and training resources.

• Run periodic access reviews for IT systems and guide other departments on doing the same.

• Perform internal audits to confirm we’re sticking to our own rules.

Other Stuff

• Stay in the loop on industry standards and best practices.

• Propose updates to our policies and processes when you see room for improvement.

• Tackle additional projects as they come up.

What You’ll Need

• A bachelor’s degree or solid equivalent experience.

• At least 3 years of admin or project coordination experience, ideally in a law firm or similar setting.

• Sharp communication skills (written and spoken).

• A knack for spotting details and staying organized.

• A proactive attitude and ability to own your work.

• Quick learner when it comes to new tools and systems.

• Strong Excel chops.

Bonus Points If You Have

• Experience with IT security audits, risk assessments, or compliance.

• A track record of writing policies, procedures, or technical docs.

• Familiarity with ISO27001, infosec best practices, or operational risk management.

• Knowledge of vendor risk management (VRM) or governance, risk, and compliance (GRC) tools.

• Some exposure to generative AI tools.

Sound like this aligns with your background? Let's talk!

Job Tags

Similar Jobs