Munger, Tolles & Olson LLP · 3 months ago
Risk and Compliance Analyst II
Munger, Tolles & Olson LLP is a prestigious law firm, and they are seeking a Risk & Compliance Analyst II to enhance their risk and compliance management programs. The role involves collaborating with various teams to implement tools and processes for compliance, risk management, and governance, while also conducting assessments and maintaining vendor management tools.
Consulting · Law Enforcement · Legal · Professional Services
Responsibilities
Maintain a balanced risk management and compliance control framework, working with key stakeholders in alignment with Firm and client standards
Review Firm policies, procedures, and standards, partnering with Human Resources and other stakeholders to ensure compliance with client outside counsel guidelines
Facilitate and document client security assessments and other client requests, including internal and client communications, meetings, deadlines, research, responses, and remediation requests
Analyze client security assessment results and recommend improvements to business processes, administrative, and technical controls
Collect vendor information from vendor owners, research tools, and public resources, ensuring the vendor database is up-to-date
Maintain vendor management tools used to track the vendor management lifecycle, security risk assessments, business risk assessments, and contract reviews
Conduct security and business risk assessments of third party vendors, tracking remediation requests in accordance with the vendor risk program and policies
Review contracts for low risk third party vendors in accordance with the vendor management program, partnering with vendor owners and contract review attorneys
Review and develop scenarios for the Firm’s risk register
Partner with appropriate business units to ensure appropriate operational, technical, and data privacy controls are implemented and enforced
Document internal controls and map to Firm and client compliance standards (e.g., ISO 27001, SOC 2, NIST, Center for Internet Security Top 18)
Analyze compliance gaps and recommend improvements to business processes, administrative, and technical controls
Respond to Data Subject Request (DSR) inquiries related to GDPR, CCPA, or other privacy laws
Document, investigate, and report compliance issues and incidents, where necessary
Collect, analyze, and prepare reports required for senior management, auditors, and other relevant stakeholders
Assist with the outside counsel guideline review process (e.g., drafting responses, tracking deadlines, liaising with risk partners for review and approval)
Assist with the audit letter review process (e.g., drafting letters, tracking deadlines, liaising with the Audit Committee for review and approval)
Other duties as assigned
Qualification
Required
High school diploma or GED required
Bachelor's degree preferred, or comparable experience of 5+ years of combined experience in information security, GRC, BCP/DR, or risk management with at least 3 years of experience developing and implementing governance, risk, or compliance programs
Certified Information Security Auditor (CISA), Certified in Risk and Information Systems Controls (CRISC), or other relevant training and certifications are highly recommended
Excellent attention to detail, critical thinking, and analytical skills
Ability to work proactively and efficiently in a fast-paced environment, interacting professionally with others
Dedicated to excellent customer service
Ability to communicate effectively, verbally and in writing
Ability to follow directions and collaborate effectively with a team
Understanding of project management principles and methodologies
Proficiency with Microsoft Office Word, Excel, and PowerPoint is desired
Proficiency with Governance, Risk, and Compliance (GRC) tools (i.e., RSA Archer, LogicManager, KnowBe4 Compliance Manager) is desired
Proficiency with vendor risk tools (e.g., Third Party Trust, Argos Risk, BitSight, RiskRecon) is desired
Familiarity with Microsoft 365 (e.g., Microsoft SharePoint, Teams, and OneDrive) and document management systems is desired
Familiarity with project management and agile collaboration tools is desired
Benefits
Competitive pay
Benefits
Company
Munger, Tolles & Olson LLP
Munger, Tolles & Olson is a 200-lawyer firm based in Los Angeles with a national practice representing clients in a broad range of complex and high-profile matters.
H1B Sponsorship
Munger, Tolles & Olson LLP has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship (chart)
Trends of Total Sponsorships (chart): 2025 (2)
Funding
Current Stage
Growth Stage
Company data provided by crunchbase