Risk & Compliance Analyst

Job Title: Risk & Compliance Analyst

Location: Los Angeles (Hybrid)

Min. Experience: 3+ years of work experience with Security Governance, Risk and Compliance

DESCRIPTION:

As a valued Security team member, you will join a highly skilled and motivated team of Information Technology professionals or (LTS) Loeb Technology Services.

Under the direction of the Manager of GRC, the Risk & Compliance Analyst supports the Firm’s risk and compliance management programs by working closely with legal support, operations, and technology teams to help ensure alignment with Firm policies and client outside counsel guidelines. This role assists with key governance activities, including outside counsel guideline reviews, client audits, and vendor risk reviews, and provides analytical and administrative support to the Firm’s broader governance, risk, and compliance initiatives.

KEY RESPONSIBILITIES:

Assist with the collaboration with cross-functional teams to identify and address compliance issues

Responding to client security audits including but not limited to:

Researching and composing answers

Collaborating with individuals/departments for correct answers

Reviewing Outside Counsel Guidelines, including but not limited to:

Security Control Requirements

Maintaining Breach Notification Log

Verifying Ethical Wall

Maintaining retention requirements

Analyze results and recommend control/process improvements

Maintaining and updating Evidence files/emails/documentation

Conduct vendor security assessments including but not limited to:

Research and review potential vendors and existing vendors

Setting up reminders for vendor reviews

Filing all email and other documentation

Adding evidence where necessary

Follow-up of outstanding items and draft summary reports

Manage and maintain information security policies, standards, and procedures in alignment with industry regulations (e.g., ISO 27001) and best practices including but not limited to:

Making necessary changes as technology or procedures change

Creating new policies where necessary

Tracking all changes up to approval

Maintain risk register and risk mitigation strategies to safeguard sensitive data

Assist in providing security training and awareness programs for employees to enhance information security

Awareness and adherence to best practices

Track KPIs/metrics for compliance program effectiveness

Create documentation such as how-to, procedural, audit security processes and procedures, etc.

QUALIFICATIONS:

Bachelor’s degree

Relevant certifications are a plus

Min. Experience: 3+ years of work experience with Security Governance, Risk and Compliance

Strong analytical and problem-solving skills

Ability to work both independently and as part of a team

Full-time work experience in information security, cybersecurity, information technology audit or risk management or similar roles

Ability to communicate effectively, verbally and in writing

Ability to follow directions and collaborate effectively with a team

Understanding of project management principles and methodologies is a plus

COMPETENCIES:

Teamwork and Cooperation: Treats others with respect; works well with others; asks for help when necessary; volunteers to help when available

Communication: Communicates clearly and effectively.

Flexibility: Adapts to changing conditions; willing to do something new/different; open to change; accepting of differences

Self-Development: Uses constructive feedback to improve; learns from mistakes; shows eagerness and capacity to learn; attends available training; shows interest in improving self; proactively looks for opportunities to gain experience in a range of responsibilities.

Organization and Time Management: Orderly in approach to work; able to plan and execute work effectively and accurately; tracks and follows through on requests; maintains a well-organized and clean work area; prioritizes and understands urgency; able to be punctual and prepared; manages multiple tasks simultaneously.

POSITION DETAILS

Type: Full-Time

Schedule: Hybrid;

Compensation: Salary commensurate with experience

The statements contained in this position description are not necessarily all-inclusive, additional duties and responsibilities may be assigned, and requirements may vary from time to time.

Professional business references and a background check will be required for all final applicants selected for a position. In accepting a position, it is understood that continued employment is contingent upon a satisfactory background check. A satisfactory background check is the absence of a criminal record which bears a demonstrable relationship to the applicant/employee’s suitability to perform the required duties and responsibilities of the position.

Loeb & Loeb is an Equal Opportunity Employer.

Salary is commensurate with experience.