Willkie Farr & Gallagher LLP
: Job Details :

The Willkie Farr & Gallagher LLP is looking for an IT Risk & Compliance Analyst. Willkie is an elite international law firm of approximately 1,200 lawyers located in 15 offices in six countries.

The IT Risk and Compliance Analyst is a technical and analytical position with a high aptitude of both written and verbal communication skills focused on issues in Governance Risk & Compliance (GRC). You will work in the areas of risk management, third party vendor management, and business continuity management, in alignment with industry standards and best practices. You will help drive the transformation of the firms IT risk and compliance program and manage projects of varying complexity. This position will work closely with the IT Security team as well as collaborating with professionals across the organization. This is a hands-on role reporting to the Director of Risk Program in the Information Technology department.

At Willkie, we believe great people are the key to our success. As such, we are offering a highly competitive compensation package with exceptional benefits. If you are looking to work in a friendly, collaborative environment that affords unique opportunities to expand your professional development, this role is for you.

The requirements listed below are representative of the knowledge, skill, and/or ability required.

3rd Party Risk Management -

• Manages third-party risk assessments for IT-related processes and systems ensuring adherence to security requirements.
• Assesses and interprets third-party documents and other pertinent source documents as necessary to support testing requirements and audit processes.
• Monitors open third-party security issues and remediation actions associated with security control gaps to ensure timely closure.
• Assist in developing policies, procedures and processes based on audit findings.

Client Security Audits -

• Works across the Information Security team to ensure timely completion of client audit questionnaires.
• Answers client audit requests with a high degree of accuracy.
• Improves processes and procedures related to audit and client assurance.

IT Security Certifications and Accreditations -

• Prepares and completes certification audits such as ISO 27001, 22301, 27701, 42001 and SOC 2.
• Assists with the development of action plans related to at-risk areas.
• Identifies improvement opportunities and provides recommendations to mature existing IT processes and controls in alignment with best practices.

• 3-5 years progressive experience in a corporate setting in one or more of the following areas: IT Audit, IT Risk Management, Information Security, or IT Governance.
• Experience with performing technical risk assessments, analyzing risk, and providing recommendations on risk mitigation strategies in cloud and on-premises environments.
• The ideal candidate has experience as an Information Systems auditor and preferably acting as an auditor from a firm that does ISO or SOC certifications.

• Background in planning, scoping and managing audits in an ISO 27001 environment.
• Strong verbal and written communication skills in interacting with technical and non-technical individuals across the business and third parties including the executive level.
• A highly collaborative mindset with a strong desire to work closely with the business, development and technical operations teams.
• Bachelor's degree from an accredited college/university.
• Must possess and maintain one or more of the following industry recognized cybersecurity certifications: CISA, CISSP, CRISC, CISM or equivalent.

• Ability to sit at a desk most of the working day and walk short distances
• Needs manual dexterity, speed and accuracy in handling office equipment
• Ability to work efficiently and accurately in an atmosphere of frequent interruption
• Ability to work in close proximity to other individuals

Exempt

USD $120,000.00 - USD $180,000.00 /Yr.

The salary range for this role is $120,000 - $180,000 and represents the Firms good faith and reasonable estimate of the range of possible compensation at the time of posting. Actual compensation will be dependent upon a number of factors, including but not limited to, the candidates relevant experience, qualifications and location. Willkie offers a comprehensive suite of benefit programs to all eligible employees. A summary of available benefits can be found in the Career section of the Firms website.

Willkie Farr & Gallagher is an Equal Opportunity employer. We do not discriminate based upon actual or perceived: race, color, age, religious creed, citizenship, citizenship status and alienage, nationality, national origin or ancestry, ethnicity or creed, disability, genetic information or medical condition, pregnancy or maternity, paternity, marital or civil partnership status, caregiver status, gender (including gender identity, expression, nonconformity, gender reassignment or status as a transgender individual), sex, sexual orientation or preference, veteran or military status, height, weight or any other characteristic protected by law. We are committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need any assistance or accommodations due to a disability, please let the hiring manager know.

Pursuant to the City of Los Angeles Fair Chance Initiative for Hiring Ordinance (FCIHO) and the San Francisco Fair Chance Ordinance, we will consider qualified applicant with arrest and conviction records.