Auto-apply to these risk management jobs

Job Description Risk & Compliance Analyst II Position Type: Full Time Non-exempt Offsite (work in-office based on business needs.) Must be within commutable distance to the office Location:Los Angeles OR San Francisco OR Washington D.C. Residency Requirements: Washington D.C. : For all positions based in the Washington, D.C. office, residency within Washington D.C., Maryland or Virginia and within a reasonable commutable distance to the assigned office is required depending on the firm's discretion and the nature of the role. Los Angeles and San Francisco Offices : For all positions based in the Los Angeles and San Francisco offices, residency within the state of California and within a reasonable commutable distance to the assigned office is required depending on the firm's discretion and the nature of the role. Salary Range for Los Angeles and Washington D.C.:$44.67/hour - $57.70/hour ($92,913.60 - $120,016.00 annually) * Salary Range for San Francisco:$49.04/hour - $63.47/hour ($102,003.20 - $132,017.60 annually) * The salary range is the one that Munger, Tolles & Olson LLP reasonably expects to pay for this position.The salary range does not guarantee, obligate, nor set expectations of an applicant’s wage in the event of hire.The posted range is only one component of Munger, Tolles & Olson LLP’s Total Rewards package. ------------- The Risk & Compliance Analyst II brings subject matter expertise to the Firm’s risk and compliance management programs, partnering with legal support, operations, and technology teams to ensure compliance with Firm policies and client outside counsel guidelines.This includes implementing tools and processes related to internal controls, information governance, risk management, and both client and regulatory compliance.The Risk & Compliance Analyst II also assists with key governance functions, including outside counsel guideline and audit letter reviews.This position is part of the Information Security and Governance (ISG) department and has significant interactions with partners, clients, and other departments within the Firm. Job Functions & Responsibilities Maintain a balanced risk management and compliance control framework, working with key stakeholders in alignment with Firm and client standards Review Firm policies, procedures, and standards, partnering with Human Resources and other stakeholders to ensure compliance with client outside counsel guidelines Facilitate and document client security assessments and other client requests, including internal and client communications, meetings, deadlines, research, responses, and remediation requests Analyze client security assessment results and recommend improvements to business processes, administrative, and technical controls Collect vendor information from vendor owners, research tools, and public resources, ensuring the vendor database is up-to-date Maintain vendor management tools used to track the vendor management lifecycle, security risk assessments, business risk assessments, and contract reviews Conduct security and business risk assessments of third party vendors, tracking remediation requests in accordance with the vendor risk program and policies Review contracts for low risk third party vendors in accordance with the vendor management program, partnering with vendor owners and contract review attorneys Review and develop scenarios for the Firm’s risk register Partner with appropriate business units to ensure appropriate operational, technical, and data privacy controls are implemented and enforced Document internal controls and map to Firm and client compliance standards (e.g., ISO 27001, SOC 2, NIST, Center for Internet Security Top 18) Analyze compliance gaps and recommend improvements to business processes, administrative, and technical controls Respond to Data Subject Request (DSR) inquiries related to GDPR, CCPA, or other privacy laws Document, investigate, and report compliance issues and incidents, where necessary Collect, analyze, and prepare reports required for senior management, auditors, and other relevant stakeholders Assist with the outside counsel guideline review process (e.g., drafting responses, tracking deadlines, liaise with risk partners for review and approval) Assist with the audit letter review process (e.g., drafting letters, tracking deadlines, liaise with the Audit Committee for review and approval) Other duties as assigned Tools Proficiency with Microsoft Office Word, Excel, and PowerPoint is desired Proficiency with Governance, Risk, and Compliance (GRC) tools (i.e., RSA Archer, LogicManager, KnowBe4 Compliance Manager) is desired Proficiency with vendor risk tools (e.g., Third Party Trust, Argos Risk, BitSight, RiskRecon) is desired Familiarity with Microsoft 365 (e.g., Microsoft SharePoint, Teams, and OneDrive) and document management systems is desired Familiarity with project management and agile collaboration tools is desired Minimum Job Qualifications Bachelor's degree preferred, or comparable experience of 5+ years of combined experience in information security, GRC, BCP/DR, or risk management with at least 3 years of experience developing and implementing governance, risk, or compliance programs. High school diploma or GED required. Certified Information Security Auditor (CISA), Certified in Risk and Information Systems Controls (CRISC), or other relevant training and certifications are highly recommended. Excellent attention to detail, critical thinking, and analytical skills. Ability to work proactively and efficiently in a fast-paced environment, interacting professionally with others. Dedicated to excellent customer service. Ability to communicate effectively, verbally and in writing. Ability to follow directions and collaborate effectively with a team Understanding of project management principals and methodologies. Physical Demands Writing, typing, reading, speaking, hearing, seeing, sitting, bending, reaching, lifting up to 25 lbs. Working Conditions Quiet office environment in a high-rise building, seated the majority of the time. Direct Reports None Competencies Teamwork and Cooperation: Treats others with respect; works well with others; asks for help when necessary; willing to share credit; avoids pointing fingers or assigning blame; volunteers to help others when available to do so; empathetic to others. Communication: Communicates clearly and appropriately with adequate frequency and tools; understands the need for regular, timely, and high quality communication; listens actively and asks appropriate questions; understands the message. Flexibility: Adapts to changing conditions; willing to do something new/different; open to change; accepting of differences. Problem Solving: Seeks solutions to problems; proposes creative and effective solutions to problems; examines underlying cause of problems when seeking a solution. Service Focus: Desires to help or serve those requesting service to meet their needs, responsive, and available when needed; proactively anticipates needs and expectations, and acts accordingly to support the success of the firm. Self-Development: Uses constructive feedback to improve; learns from mistakes; shows eagerness and capacity to learn; attends available training; shows interest in improving self; proactively looks for opportunities to gain experience in a range of responsibilities. Organization and Time Management: Orderly in approach to work; able to plan and execute work effectively and accurately; tracks and follows through on requests; maintains a well-organized and clean work area; prioritizes and understands urgency; able to be punctual and prepared; manages multiple tasks simultaneously. Composure: Understands what triggers emotions and uses that knowledge to maintain a professional presence. The Risk & Compliance Analyst II role is an amazing opportunity available on our team of professionals at Munger, Tolles & Olson, LLP! We offer competitive pay, benefits and an opportunity to make an impact in today’s world. ------------- About Munger, Tolles & Olson Munger, Tolles & Olson has topped The American Lawyer’s A-List a record eleven times, and maintains the highest average A-List ranking in the history of the award. We strive to hire only the most qualified and creative lawyers. We believe that clerkships provide valuable experience. In this regard, nearly 75% of our lawyers and over 80% of our litigators served as law clerks to federal or state judges and sixteen attorneys were clerks to U.S. Supreme Court Justices. We recruit and retain the best professional talent to support our Attorneys with a focus on service and excellence. We have a full spectrum of functional positions including Information Technology, Information Security, Accounting, Human Resources, Legal Support, and Marketing. ------------- MTO is an equal opportunity employer and does not discriminate in employment on the basis of race, including but not limited to hair texture and protective hairstyles (for example, braids, locks, and twists), color, ethnicity, religion, gender, gender identity or expression, pregnancy, childbirth, breastfeeding and medical conditions related to pregnancy, childbirth and breastfeeding, marital or domestic partner status, parental or family care status, national origin, ancestry, age, sexual orientation, disability or medical condition, genetic characteristic, political affiliation, military or veteran status, or any other characteristic protected by federal, state or local law. It is the policy of Munger, Tolles & Olson LLP to prohibit discrimination, unlawful harassment (including sexual harassment), and retaliation. This commitment prohibits such conduct by any individual involved in MTO’s operations and by anyone doing business with or on behalf of Munger, Tolles & Olson LLP. ------------ We are a talent-first Firm and are always looking for great people. We encourage you to apply even if the level of this position is not an exact match to your qualifications. This may not guarantee your placement into the opening; however, it is always worth exploring if there is an opportunity for the future. ------------- Munger, Tolles & Olson LLP (MTO) does not accept unsolicited resumes from 3 rd parties or agencies. Any unsolicited resumes and profiles received from 3 rd parties or agencies will be considered property of MTO and no fees will be due or paid. If you wish to become an approved Agency with MTO, please contact a member of the MTO Talent Acquisition Team.