GRC Analyst - Insight Global : Job Details

An international law firm is looking for a GRC Analyst to join their Security team responsible for managing risks related to security, privacy, and compliance, as well as interacting directly with clients. The Firm has more than 1,300 lawyers and has offices that span the globe from Boston, New York, Beijing, Brussels, Hong Kong, Houston, London, Los Angeles, Palo Alto, So Paulo, Tokyo and Washington, D.C. The Firm consistently ranks among the world's leading law firms. The Firm has the following practice areas: Corporate, Litigation, Banking & Credit, Capital Markets, Mergers & Acquisitions, Real Estate, Restructuring and Private Funds. They support clients in a variety of industries such as Energy (Oil & Gas, Power & Renewables), Financial Services, Healthcare & Life Sciences, Infrastructure, Technology, Insurance & Reinsurance, and Data Centers. This role will be 2 days onsite in NYC and the remaining remote, except for the first two weeks of training which will be 4 days onsite. As a background, the technology environment is a mix of on-prem and cloud (Azure), and we are in the middle of a transformation effort to migrate more applications to the cloud. The Firm uses a wide variety of industry standard tools across all InfoSec domains, including Qualys, Logarythm, Wix, AppOmni, DUO, CrowdStrike, Snyk. The GRC Analyst will be focused on answering information security questionnaires from our clients and assisting the GRC director with other client audits and risk assessments. The GRC Consultant will help implement GRC processes to automate and monitor infosec controls, exceptions, risks, testing, and develop reporting metrics and dashboards. The analyst will manage, track, and ensure timely closure of client information security audits and serve as internal and external primary point of contact during audits. They will also respond to client Information Security questionnaires, including security outreach, vulnerability notifications, and responsible disclosures Compensation: Range $50-63/hr. Exact compensation may vary based on several factors, including skills, experience, and education. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to [email protected] . To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: . Required Skills & Experience -3+ years within Infosec, Security Compliance, Security Audit, or Governance, Risk & Compliance (GRC) -Hands on with GRC tools such as Archer, ServiceNow, etc -Strong understanding around security standards and protocols -Background in regulatory frameworks (NIST, ISO, SOX, HIPAA, PCI DSS, GDPR, etc) -Background with security questionnaires, risk assessments and audits Nice to Have Skills & Experience -Certifications: Security+, CCSK, CISA, CISSP, GRCP, CSSBB (Certified Six Sigma Black Belt), CRISC, CGEIT, PMI-RMP, ITIL, etc -Legal background Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.