IT Security Analyst – GRC Focus

IT Security Analyst – GRC Focus Summary

The Security Analyst will focus on client questionnaires, client assessments, and client engagement documents. You'll lead the analysis of these assessments, and present your findings to key stakeholders with a recommendation. In addition to client work, you'll also assist with vendor assessments and other internal initiatives, including advising internal team members on GRC related issues.

Key areas of focus will be client data security, information governance and compliance. Work performed by this individual results in the measurable reduction of costs and/or minimizes risks relating to risk management and data controls and safeguards.

• Facilitates the intake, analysis, and assignment of new client requests for information.
• Ensures client questionnaire deadlines are met, with ample time provided for senior management and partner review and input.
• Coordinates and consolidates input needed from each administrative department and from the legal team.
• Reviews deliverables prepared by team members prior to management and attorney review.
• Works individually and in teams with partners, clients, a client’s designee, or other third parties to provide information relating to Kirkland’s information governance policies, procedures and/or technology controls for managing client data.
• Coordinates client-requested user entitlement reviews.
• Assists with ensuring proper data safeguards and controls are in place for client and firm data.

• 3+ years of experience with IT Security
• Must have a focus around Governance, Risk and Compliance (GRC)
• Must have experience with at least one of the following security frameworks: ISO 27001, NIST, COBIT, SOC or something similar

• Experience with client and/or vendor questionnaires and assessments as it relates to GRC
• Relevant certifications such as CISSP, CISM, CISA, etc.