Compliance Analyst
Houston, TX, US
Dentons
Dentons is a global law firm driven to provide you with the competitive edge in an increasingly complex and interconnected marketplace. We were formed by the March 2013 combination of international law firm Salans LLP, Canadian law firm Fraser...
Dentons US LLP is currently recruiting for a Compliance Analyst. Reporting to the Director, Information Security & Technology Services, the Compliance Analyst will coordinate and support governance and security efforts in collaboration with other key stakeholders in the business for Dentons Canada. This position will help identify and operationalize risk management initiatives and standards that need to be applied to the operating environment. Key functional areas of the position include initiatives governing the Firm's client and administrative data / information in accordance with ethical, legal and contractual requirements.
Responsibilities:
- Review client Information Security requirements, questionnaires and assessments and prepare responses.
- Organize and maintain the client interaction library, including requests, final responses and associated artifacts.
- Maintain a control matrix mapping NIST/ISO control frameworks to client requirements.
- Help develop, maintain, evaluate and implement policies and procedures in line with both business requirements and national and international legislative changes (i.e. ISO 27001/22301, HIPAA processes and procedures).
- Maintain an inventory of improvement opportunities and action items; prepare periodic reports on trends and compliance.
- Maintain governance inventories such as client security notification requirements.
- Review and track ad-hoc client notifications and requests related to Information Security (e.g. vulnerability notifications, ad-hoc control validation requests).
- Collaborate with the Risk Management and IT teams on implementation of security controls required by clients, such as access restrictions.
- Assist with the Third-Party Risk Management program; enhance vendor and cloud service provider inventories, and collect risk artifacts such as SOC2 reports.
- Assist with general Information Security program improvements (e.g. awareness communication, projects and enhancements to policies and procedures).
- Other duties as assigned based on the ongoing evolution of the Information Security program.
Experience & Qualifications:
- Minimum of 5 years’ experience in an Information Security role.
- Understanding of Information Security controls, governance principles and standards/frameworks such as NIST CSF or ISO 27001.
- Strong written and oral communication skills. Experience responding to audits, RFPs and regulatory/supplier/outsourcer/subcontractor assessments is an asset.
- Ability to prioritize and work effectively under pressure.
- Ability to work both independently and in a team-oriented, collaborative environment.
- Demonstrated critical thinking, analytical and problem-solving skills.
- Knowledge of cross-border regulations, such as GDPR and EU data privacy rules, is a plus.
- Understanding of the compliance, legal and ethical obligations that organizations should have with respect to logical and physical security, personally identifiable information and data protection.
- Industry certification, such as CISSP, CISA, CISM or CRISC, is an asset.
Dentons offers a competitive salary and benefits package including medical, dental, vision, 401k, profit sharing, short-term/long-term disability, life insurance, tuition reimbursement, paid time off, paid holidays and discretionary bonuses.
Dentons US LLP is an Equal Opportunity Employer of Individuals with Disabilities and Protected Veterans. We are an Affirmative Action Employer. Pursuant to local ordinances, we will consider for employment qualified applicants with arrest and conviction records.
About Dentons
Across over 80 countries, Dentons helps you grow, protect, operate and finance your organization by providing uniquely global and deeply local legal solutions. Polycentric, purpose-driven and committed to inclusion, diversity, equity and sustainability, we focus on what matters most to you. www.dentons.com