GRC Analyst job opportunity at Pillsbury Winthrop Shaw Pittman LLP.



Pillsbury Winthrop Shaw Pittman LLP GRC Analyst
Experience: 5 years
Pattern: full-time
Degree: OND
Location: Nashville, United States of America

Nashville, Tennessee

Job Description

Pillsbury Winthrop Shaw Pittman LLP is seeking a strategic and detail-oriented GRC (Governance, Risk & Compliance) Analyst to strengthen and scale our Governance, Risk, and Compliance (GRC) capabilities. This role is an integral part of the GRC team, with a strong emphasis on Vendor Risk Management, client trust, and compliance with ISO 27001 and related frameworks. You will support firmwide risk reduction efforts and lead initiatives that safeguard sensitive data while enabling business operations and client service delivery.

Responsibilities:

Vendor Risk Management
Lead the vendor security review process, including intake, risk assessment, documentation, and re-evaluation cycles.
Collaborate with IT and Legal to embed security and privacy requirements into contracts and onboarding workflows.
Maintain the vendor inventory and risk classification system; track remediation items and expiration of security attestations (SOC 2, ISO 27001, etc.).
Assess cloud platforms, SaaS tools, and third-party services against security, compliance, and privacy requirements.

Client Trust & Engagement
Coordinate responses to client security assessments, due diligence requests, and audits.
Coordinate with attorneys, business development, and compliance teams to support contractual commitments.
Maintain a centralized repository of audit evidence and standard responses using tools such as Loopio.

ISMS & Compliance Operations
Support the day-to-day management of our ISO 27001-certified ISMS, including control implementation and documentation.
Assist in preparation for surveillance and recertification audits and maintain alignment with ISO 27001:2022 control requirements.
Track risk treatment plans, control testing, and internal audit findings.

Policy & Control Governance
Draft, update, and socialize firmwide security and privacy policies.
Maintain a control library mapped across multiple frameworks including ISO 27001, NIST 800-171, CMMC, and client-specific standards.
Support the intake and processing of exceptions to security policies, ensuring proper documentation and leadership awareness.

Risk Monitoring & Incident Response Support
Assist with maintaining the risk register, including identification, analysis, and tracking of risks and mitigations.
Coordinate with internal teams during security incidents to ensure proper documentation, containment, and reporting.

Security Awareness & Training
Administer employee training programs including mandatory awareness training and role-specific modules.
Coordinate phishing simulations and follow-up education for at-risk users.
Partner with Marketing and IT to drive behavior change through campaigns, posters, and communication.

Program Enablement & Tooling
Maintain and optimize the GRC toolset (e.g., UpGuard, KnowBe4, Loopio).
Drive process improvements in risk assessments, audits, and reporting dashboards.
Support annual penetration testing coordination and track remediation progress.

Required Education, Knowledge & Experience
Bachelor’s degree in information security, Risk Management, or a related field.
5+ years of experience in security governance, compliance, or vendor risk management roles (legal or professional services industry preferred).
Proven experience conducting vendor security assessments and managing related compliance workflows.
Deep understanding of ISO 27001 and common security/privacy frameworks (NIST, SOC 2, CMMC, GDPR, etc.).
Strong writing, communication, and organizational skills.
Experience with GRC platforms and vendor risk tools.
Certifications such as ISO 27001 Lead Implementer, Security+ or CISM are a plus.

Physical Requirements
Ability to sit and stand for extended periods.
Ability to lift up to 20 pounds.

Pillsbury Winthrop Shaw Pittman LLP is an Equal Opportunity Employer. If you require an accommodation in order to apply for a position, please contact us at PillsburyWorkday@pillsburylaw.com.
