Analyst, Cybersecurity and Compliance
Analyst, Cybersecurity and Compliance
Firm Summary
White & Case is an elite global law firm serving leading companies, financial institutions and governments worldwide. Our long history as an international firm means we are perfectly placed to help our clients resolve their most complex legal challenges wherever they may be.
With lawyers operating from more than 40 locations, working in virtually every country of the world, we have invested heavily in building a high-quality full-service practice competing at the top of the market.
We are distinguished by our on-the-ground presence in the world's key financial markets and our strengths in handling complex cross-border work.
It's not just about our global network of offices; it's the global interconnectedness of the Firm that our people, and our clients, value most.
We work well together across geographic and practice boundaries. It's one of the reasons we attract and retain cross-border work.
And why we attract a diverse group of people.
Our lawyers are globally minded, enterprising, collaborative and committed to excellence. Diversity is a core value of our Firm and it has been recognized with numerous awards and top rankings around the world.
Our people represent 90 nationalities and speak 80 languages.
Position Summary
The Analyst, Cybersecurity and Compliance will assist the Senior Analyst, Cybersecurity and Compliance in protecting the firm against cybersecurity threats.
The team is tasked with identifying, evaluating, and monitoring potential cybersecurity risks. They will collaborate with various teams within the firm to ensure that Governance, Risk Management, and Compliance (GRC) areas such as Audits, Information Security Certifications, and Vendor Management Risks are effectively managed.
This includes adhering to industry and cybersecurity standards, as well as client and government regulations.
Furthermore, the Analyst, Cybersecurity and Compliance will assist stakeholders in incorporating appropriate security measures into business operations, system designs, and software development processes.
This role is responsible for assist in enhancing and implementing processes that assist in planning remediation strategies to ensure compliance with policies and regulations.
By providing valuable insights for risk prioritization, the Analyst will prepare reports that highlight trends, risk levels, and metrics.
They will focus on building trust and fostering cross-functional partnerships to elevate awareness and successfully implement cybersecurity controls across the firm.
Duties and Accountabilities
Assist and improve the GRC function
Provide support for internal assessments and audits at planned intervals and on an ad hoc basis to evaluate and validate the design and operational effectiveness of technical, and administrative controls to help reduce risk in the organization
Mentor other teams in GRC management principles and practices
Assist with monitoring open audit items from internal audits and external compliance / client / certification audits to ensure completion of remediation activities defined in the agreed action plans and risk treatment plans
Support continuous monitoring processes to assess compliance with information security policies and standards, legal and regulatory compliance
Provide compliance subject matter expertise support to various departments
Assist with conducting third-party vendor information security assessment and ongoing third-party assurance activities
Design, manage, and update company's compliance related documentation and reports
Create any necessary road maps for regulatory compliance
Qualifications
At least three years of experience within GRC, specifically vendor & risk management standards and frameworks
Possessing or working towards a cybersecurity certifications, CRISC, CISM, CGEIT, CISA,CISSP, etc.
Possessing an understanding of industry standards, certifications, and regulations including NIST800 / CSF, ISO 27001
Experience with compliance programs related to SSAE16 SOC1, SOC2, PCI, and / or NIST-800-53
Working knowledge in Cloud Security assessments, systems, tools, and web application reviews including Secure SDLC life cycle assessments
Working knowledge of enterprise infrastructure and application monitoring tools
Proficient in Microsoft Office applications; SME in Excel and data manipulation
Attention to detail. Clear logical and analytical thinker
Able to prioritize and manage multiple tasks under pressure
Good verbal, written and numeric skills
Ability to travel or work overtime, as needed
Location and Reporting
- This is a hybrid role based in our Tampa office with potential for international travel.
- This role reports to the Senior Manager, of Security and Business Continuity.
Equal Opportunities
White & Case is an Equal Employment Opportunity (EEO) employer and is committed to creating a diverse and inclusive workplace.
It is our Firm's policy to recruit, employ, train, compensate and promote without regard to race, color, religion, creed, national origin, age, gender, sexual orientation, marital status, military or veteran status, disability, genetic information, or any other category protected by applicable law.
Applicants who are interested in applying for a position and require an accommodation during the process should contact talent.
Benefits
White & Case LLP offers a comprehensive suite of benefit programs to all eligible employees, including medical, dental, and vision insurance, life and disability coverage, 401(k) retirement savings, vacation time, and leave programs (including parental leave).
Exempt roles are also performance bonus eligible.
The Firm may modify and amend this job description at any time at its sole discretion. Nothing herein creates a contract of employment or otherwise modifies the at-will nature of employment.
The above is a general description of the essential duties associated with this position and does not represent an exhaustive or comprehensive list of all duties.
Primary Location
United States-Tampa
Expected Workplace : Hybrid
Job Posting
Aug 20, 2024, 1 : 23 : 13 PM