Pillsbury Winthrop Shaw Pittman LLP · 17 hours ago
Risk and Compliance Analyst
Pillsbury Winthrop Shaw Pittman LLP is a law firm seeking a Risk and Compliance Analyst to support their Governance, Risk & Compliance program. The role involves managing risk assessments, documentation, vendor risk management, and ensuring compliance with relevant frameworks.
Consulting · Finance · Law Enforcement · Legal · Professional Services · Real Estate
Responsibilities
Maintain and update the firm’s risk register, including risk scoring, treatment tracking, and monitoring for changes
Support formal risk assessments and assist with updates to the Statement of Applicability (SoA)
Gather and consolidate risk-related inputs from IT, HR, Legal, SecOps, and business stakeholders
Manage lifecycle updates for information security policies, standards, and procedures including drafting, reviews, approvals, and version control
Maintain compliance documentation such as SSP updates, POA&M revisions, control narratives, and other required artifacts
Ensure governance documents remain accurate, consistently formatted, and aligned with framework requirements
Coordinate internal and external audit activities, including scheduling, evidence collection, and communication with SMEs
Track audit findings, corrective actions, and remediation progress
Maintain audit documentation repositories and ensure audit materials are consistently organized and audit-ready
Perform intake assessments for vendor security reviews and coordinate security questionnaires with vendors
Collect due-diligence documentation and track remediation or follow-up requirements
Support collaboration between Procurement, Legal, IT, and the GRC Manager
Assist with developing and distributing cybersecurity awareness content
Maintain training completion records and support reporting for required annual or event-driven trainings
Maintain BCP/DR documentation including plans, Business Impact Analysis (BIA) updates, team rosters, and continuity-related inventories
Coordinate with business units and IT to collect updates for continuity plans and ensure documentation accuracy
Support post-exercise and post-incident reporting, capturing results, action items, and changes required to improve resilience
Organize and maintain evidence of continuity activities for compliance and audit purposes
Assist in coordinating tabletop exercises by managing documentation, capturing observations, and preparing reports for leadership review
Work closely with HR, Legal, Procurement, IT, SecOps, and other internal stakeholders to support compliance operations
Support the GRC Manager on firm-wide governance, compliance initiatives, and regulatory readiness activities
Qualification
Required
2–5 years of experience in cybersecurity governance, compliance, risk management, or internal audit
Foundational knowledge of ISO 27001, NIST SP 800-171, or CMMC Level 2 requirements
Experience with GRC/IRM platforms (e.g., OneTrust, Archer, ServiceNow GRC)
Strong documentation, writing, organizational, and version-control skills
Proficiency with Excel/Sheets for risk scoring, register management, and reporting
Ability to coordinate projects and collaborate across multiple functions
Experience using compliance workflow platforms such as FutureFeed
Experience supporting internal or external audits
Exposure to vendor risk management processes
Experience with internal audit or compliance management tools (e.g., AuditBoard, Workiva)
Foundational compliance or security certifications (e.g., ISO 27001 Foundations, Security+, CMMC coursework)
Excellent written and verbal communication
Strong organizational skills
Analytical and critical thinking
Ability to collaborate across departments
High ethical standards and professional discretion
Ability to manage multiple tasks with competing deadlines
Ability to sit and stand for extended periods
Ability to lift up to 20 pounds
Company
Pillsbury Winthrop Shaw Pittman LLP
Pillsbury is one of the world’s foremost law firms, operating at the intersection of technology innovation, capital and government.
H1B Sponsorship
Pillsbury Winthrop Shaw Pittman LLP has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship (legend: represents job field similar to this job)]
Trends of Total Sponsorships
2025 (10)
2024 (7)
2023 (9)
2022 (7)
2021 (3)
2020 (11)
Funding
Current Stage
Late Stage
Company data provided by crunchbase