GRC Security Analyst @ Dechert LLP | Jobright.ai
JOBSarrow
RecommendedLiked
0
Applied
0
External
0
GRC Security Analyst jobs in United States
63 applicants
company-logo

Dechert LLP · 4 hours ago

GRC Security Analyst

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level
date5+ years exp
ftfMaximize your interview chances
AdviceConsulting
check
Comp. & Benefits
Hiring Manager
Anna Biley
linkedin

Insider Connection @Dechert LLP

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Conduct enterprise-wide, ongoing risk analysis in tandem with compliance and security.
Maintain oversight in a GRC-related platform.
Identify strengths and weaknesses in the security program as they relate to privacy, security, business resiliency and compliance frameworks.
Document, formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation.
Maintain strong oversight of third parties, vendors and business partners to safeguard against undue risk presented by external entities. Escalate to security management and business unit leads when points of weakness are discovered.
Develop and drive a comprehensive security awareness program.
Analyze findings, and document, recommend and report program gaps to security leadership.
Monitor current and proposed security changes impacting regulatory, privacy and security industry best practice guidance.
Apply GRC expertise across key lines of business, including products, practices and procedures.
Define qualitative and quantitative metrics to assess the success of the security program and provide regular reports to security and business leadership.
Ensure security and technology teams maintain up-to-date configuration documentation for systems and processes.
Maintain rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts.
Act as a key participant in incident response to track occurrence and resolution, with strict documentation and reporting.
Work in tandem with security, audit and risk management leadership to perform ongoing security program assessments and create annual strategic technology and budgetary directives.
Attend and fully engage in change and project management meetings.
Liaison with auditors, both internal and external, to maintain and implement controls for compliance and privacy laws.
Act as a point of contact for disaster recovery and business continuity as it relates to security frameworks, compliance and privacy law.
Perform other duties as assigned.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

CybersecurityGovernanceCompliance (GRC)Regulatory RequirementsIncident ResponseVulnerability ManagementCloud ComputingApplication SecuritySecurity FrameworksISO 27001/2ITILNISTHIPAAGDPRGLBATechnical WritingSoft Skills

Required

At least 6+ years’ experience in cybersecurity as a practitioner and with at least 2 to 3+ years exposure with various security frameworks.
Strong business acumen and security technology skills for well-rounded proficiency, as well as proven ability to align with security practices and compliance responsibilities.
Experience and understanding of various regulatory requirements and laws, including but not limited to HIPAA, GDPR and GLBA.
Exceptional written and verbal communication skills, and proven ability to translate security and risk to all levels of the business.
Capacity to understand legacy and progressive technology and security controls along with respective risk.
Working knowledge of technologies such as cloud computing, DevOps and application security is required.
Up-to-date understanding of a wide-range of incident response, system configuration, vulnerability management and hardening guidelines.
Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
Bachelor’s degree in computer science, information assurance, MIS or related field, or equivalent industry experience.

Preferred

Prior experience with leading GRC systems from vendors such as OneTrust.
Demonstrated problem-solving capabilities, and ability to manage complex local and international security requirements.
Self-motivated, directed and well-organized, with the vision to position controls in anticipation of threats.
Successful track record of managing external entities’ contracts and relationships, and mitigating risks to business development opportunities.
Familiarity with state, federal and international privacy laws.

Company

Dechert LLP

twittertwittertwitter
Glassdoor
3.7
company-logo
Dechert is a global law firm that advises asset managers, financial institutions and corporations on issues critical to managing their business and their capital – from high-stakes litigation to complex transactions and regulatory matters.
dateFounded in 1875
location
Philadelphia, Pennsylvania, USA
people-size1001-5000 employees
web-link
http://www.dechert.com/

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Corey Smith
Chief Operating Officer
linkedin
leader-logo
Alison Nina Bernard
Chief Talent and Human Resources Officer

Recent News

prnewswire.co.uk
Dechert Elevates 13 Attorneys to Partnership
2024-12-06
Crowdfund Insider
Private Equity Report: Strategic Shifts Identified by Dechert, Positive Momementum Expected for 2025
2024-11-13
Womble Bond Lures Another Latin America-Focused Arbitration Expert from Dechert
2024-10-25
Company data provided by crunchbase
logo

Orion

Your AI Copilot