close-menu

GRC Analyst

Pillsbury Winthrop Shaw Pittman

Not Interested
Bookmark
Report This Job
profile Job Location:

Nashville, IN - USA

profile Monthly Salary: Not Disclosed
Posted on: Yesterday
Vacancies: 1 Vacancy
Register to Apply

Job Summary

Nashville Tennessee

Job Description

Pillsbury Winthrop Shaw Pittman LLP is seeking a strategic and detail-oriented GRC (Governance Risk & Compliance) Analyst to strengthen and scale our Governance Risk and Compliance (GRC) capabilities. This role is an integral part of the GRC team with a strong emphasis on Vendor Risk Management client trust and compliance with ISO 27001 and related frameworks. You will support firmwide risk reduction efforts and lead initiatives that safeguard sensitive data while enabling business operations and client service delivery.

Responsibilities:

Vendor Risk Management

  • Lead the vendor security review process including intake risk assessment documentation and re-evaluation cycles.

  • Collaborate with IT and Legal to embed security and privacy requirements into contracts and onboarding workflows.

  • Maintain the vendor inventory and risk classification system; track remediation items and expiration of security attestations (SOC 2 ISO 27001 etc.).

  • Assess cloud platforms SaaS tools and third-party services against security compliance and privacy requirements.

Client Trust & Engagement

  • Coordinate responses to client security assessments due diligence requests and audits.

  • Coordinate with attorneys business development and compliance teams to support contractual commitments.

  • Maintain a centralized repository of audit evidence and standard responses using tools such as Loopio.

ISMS & Compliance Operations

  • Support the day-to-day management of our ISO 27001-certified ISMS including control implementation and documentation.

  • Assist in preparation for surveillance and recertification audits and maintain alignment with ISO 27001:2022 control requirements.

  • Track risk treatment plans control testing and internal audit findings.

Policy & Control Governance

  • Draft update and socialize firmwide security and privacy policies.

  • Maintain a control library mapped across multiple frameworks including ISO 27001 NIST 800-171 CMMC and client-specific standards.

  • Support the intake and processing of exceptions to security policies ensuring proper documentation and leadership awareness.

Risk Monitoring & Incident Response Support

  • Assist with maintaining the risk register including identification analysis and tracking of risks and mitigations.

  • Coordinate with internal teams during security incidents to ensure proper documentation containment and reporting.

Security Awareness & Training

  • Administer employee training programs including mandatory awareness training and role-specific modules.

  • Coordinate phishing simulations and follow-up education for at-risk users.

  • Partner with Marketing and IT to drive behavior change through campaigns posters and communication.

Program Enablement & Tooling

  • Maintain and optimize the GRC toolset (e.g. UpGuard KnowBe4 Loopio).

  • Drive process improvements in risk assessments audits and reporting dashboards.

  • Support annual penetration testing coordination and track remediation progress.

Required Education Knowledge & Experience

  • Bachelors degree in information security Risk Management or a related field.

  • 5 years of experience in security governance compliance or vendor risk management roles (legal or professional services industry preferred).

  • Proven experience conducting vendor security assessments and managing related compliance workflows.

  • Deep understanding of ISO 27001 and common security/privacy frameworks (NIST SOC 2 CMMC GDPR etc.).

  • Strong writing communication and organizational skills.

  • Experience with GRC platforms and vendor risk tools.

  • Certifications such as ISO 27001 Lead Implementer Security or CISM are a plus.

Physical Requirements

  • Ability to sit and stand for extended periods.

  • Ability to lift up to 20 pounds.

Pillsbury Winthrop Shaw Pittman LLP is an Equal Opportunity Employer.

If you require an accommodation in order to apply for a position please contact us at .


Required Experience:

IC

Nashville TennesseeJob DescriptionPillsbury Winthrop Shaw Pittman LLP is seeking a strategic and detail-oriented GRC (Governance Risk & Compliance) Analyst to strengthen and scale our Governance Risk and Compliance (GRC) capabilities. This role is an integral part of the GRC team with a strong empha...
View more view more

Key Skills

  • ArcGIS
  • Intelligence Community Experience
  • GIS
  • Python
  • Computer Networking
  • Data Collection
  • Intelligence Experience
  • R
  • Relational Databases
  • Analysis Skills
  • Data Management
  • Application Development
Apply Now

About Company

Pillsbury Winthrop Shaw Pittman
Company Logo

Pillsbury Winthrop Shaw Pittman is an international law firm with a particular focus on the technology & life sciences, energy, financial, and real estate & construction sectors. Recognized as one of the most innovative law firms by Financial Times and one of the top firms for client ... View more

View Profile View Profile

AI AutoApply

Apply to 100+ jobs with one click

AI AutoApply

AI Resume Builder

Create an ATS-ready CV in minutes

AI Resume Builder

AI Cover Letter

Write a personalized letter instantly

AI Cover Letter

Related Jobs

Data Analyst

V R Della Infotech Inc

profile Hackensack

Business Analyst

Conch Technologies Inc

profile New York City

Procurement Analyst

Vensoft Inc

profile Phoenix

Business Analyst

Naztec International Group Llc

profile Tempe

Business Analyst

Innosoul, Inc.

profile Jackson

Project Analyst – S4HANA

Vdart Inc

profile Charlotte

Analyst, PRD Implementation

Millenniumsoft Inc

profile San Diego

Business Analyst (wInvestran),

Akaasa Technologies

profile Lake Mary
  1. Home
  2. Jobs In USA
  3. Jobs In Indiana
  4. Jobs In Nashville
  5. GRC Analyst Jobs In Nashville
  6. GRC Analyst
About Dr.Job

Dr.Job is an AI-powered career platform that bridges the gap between employers and talented job seekers. Since 2015, we have been one of the leading job portals in the UAE, trusted by thousands daily to find opportunities faster and smarter. Today, Dr.Job is expanding worldwide, connecting professionals and employers across borders. With AI-driven tools for resume building, interview preparation, and automated applications, Dr.Job empowers job seekers to land their dream roles and helps employers find top talent with accuracy and speed.

Follow Dr.Job
Payment accepted icon
Company
Popular Searches
Employer
Quick Links
Job seeker
Jobs by Countries

Dr Job FZ LLC. 2026 © All Rights Reserved

Terms of Use. Privacy Policy. Cookie Policy