Information Security Compliance Analyst

DLA Piper, a global law firm known for its bold, exceptional, collaborative, and supportive culture, is seeking an Information Security Compliance Analyst to join their team. This role is integral to the firm's Information Security Program, focusing on assessing, monitoring, and executing various security initiatives. The position is available in Baltimore, Washington D.C., or Northern Virginia, offering a hybrid work schedule.

As an Information Security Compliance Analyst, your primary responsibilities will include conducting technology risk assessments, such as access control audits for systems, applications, infrastructure, and operational processes. You will maintain up-to-date knowledge of applicable privacy laws and monitor advancements in information privacy and security technologies to ensure compliance. Developing and delivering security awareness and compliance training programs, supporting vendor-focused risk assessments, and proactively identifying vendor-related risks across internal and external projects are also key aspects of this role. Additionally, you will collaborate with security awareness partners to create innovative training materials and processes, document compliance findings and risks, and assist in evaluating external frameworks or internal policies to determine relevant IT compliance requirements and controls. Participation in the change management process to ensure all releases comply with security standards and providing strategic and tactical direction on information security and compliance are also essential duties.

To be considered for this position, candidates should possess a Bachelor's Degree in Information Security, Cybersecurity, or a related field. A minimum of 2 years of IT experience and at least 3 years of hands-on experience in IT security, IT risk, or IT audit are required. Experience with ISO27001 and NIST frameworks, compliance training or certifications, security auditing, and project management is essential. A background in computer management and information assurance, along with knowledge of information security principles—including risk assessment and management, threat and vulnerability management, and incident response—is necessary. Strong analytical skills, effective verbal and written communication abilities, and the capacity to prioritize and execute tasks in a high-pressure environment are crucial. The ability to work independently and collaboratively in a team-oriented environment, develop metrics to measure the success of an information security program, and exercise sound judgment within the scope of the role are also important.

The compensation for this role ranges from $84,366 to $117,111 per year, depending on the candidate's geographic market location. DLA Piper offers a comprehensive benefits package, including medical, dental, and vision insurance, as well as a 401(k) plan.

DLA Piper is committed to fostering a culture that values boldness, exceptionalism, collaboration, and support. Joining the firm provides an opportunity to engage in meaningful work and grow your career within a dynamic and inclusive environment.