Job Summary:

The Panther Group is seeking a Direct Hire Governance, Risk, and Compliance (GRC) Analyst to join the Information Security team with one of our partners, a law firm. This role is fully onsite in Boston, and does not permit Visas, C2C,C2H and does not permit sponsorship now or in the future.

The GRC Analyst will be responsible for supporting the development, implementation, and maintenance of the firm’s governance, risk management, and compliance program. The ideal candidate will have a strong understanding of regulatory requirements, risk management frameworks, and information security. They will have experience performing third-party risk assessments and will be familiar with the ISO 27001 certification.

Job Functions:

• Assist with continued development and enhancements to the firm’s governance, risk management and compliance program.
• Support the firm’s client’s by responding to information security assessments.
• Perform information security risk assessments on the firm’s third-party vendors and suppliers.
• Collaborate with the Information Security Director and other stakeholders to improve security procedures, training, IT processes, and the security of existing systems.
• Review and update the firm’s information security policies.
• Track and schedule activities related to certifying the firm’s Information Security Management System’s ISO27001 certification.
• Coordinate with other IT teams and other departments to perform risk assessments and track risk mitigation and remediation.
• Effectively communicates with stakeholders at all levels of the organization.
• Analyzes and reports on risk trends and metrics.
• Analyze client and stakeholder requirements in support of Business Continuity planning efforts.
• Support development of Business Continuity and Disaster Recovery plans and related documents in accordance with recognized standards and best practices.

Ideal Qualifications:

• Bachelor’s degree or equivalent experience in Information Systems Security or related field.
• 3+ years of relevant experience working in a related role.
• Certifications in relevant areas.
• Strong writing / documentation skills.
• Highly organized.
• Strong communication skills.
• Self-starter with the ability to work independently, while having good judgment as to when consultation is required.
• Ability to work on multiple projects and perform well under deadlines.
• Enthusiastic, flexible, willing to pitch in where needed.
• Strong drive to learn and grow in the cyber security field.

Physical Requirements:

• Must have minimal physical mobility. Position may occasionally require standing, walking, reaching, and lifting up to 15 pounds.
• Must have the ability to operate equipment such as a computer and copy machine.
• Must have the ability to communicate clearly and to read and follow detailed instructions.
• Must have the ability to prepare assorted documents and other related materials.

#INDIT

Job Type: Full-time

Pay: From $70,000.00 per year

Benefits:

• 401(k)
• Dental insurance
• Flexible spending account
• Health insurance
• Health savings account
• Life insurance
• Paid time off
• Vision insurance

Compensation package:

• Bonus opportunities

Experience level:

• 3 years

Schedule:

• 8 hour shift
• Day shift
• Monday to Friday

Application Question(s):

• Do you have any relevant certifications?
• This role is not available for C2C/C2H, 3rd party recruiters, and does not permit Visas or sponsorship now or in the future. Does this work for you?

Education:

• Associate (Required)

Experience:

• Information security: 3 years (Required)
• GRC Analyst: 3 years (Required)
• Law office: 1 year (Preferred)

Ability to Commute:

• Boston, MA (Required)

Ability to Relocate:

• Boston, MA: Relocate before starting work (Required)

Work Location: In person