Risk and Compliance Analyst


Job Location:

Nashville, IN - USA

Monthly Salary: Not Disclosed
Posted on: Yesterday
Vacancies: 1 Vacancy

Job Summary

Nashville, Tennessee

Job Description

The Risk & Compliance Analyst supports Pillsbury's Governance, Risk & Compliance (GRC) program across risk management, policy governance, internal audit coordination, vendor risk intake, training and awareness initiatives, and business continuity documentation. This role supports both ISO 27001 and CMMC Level 2 programs with a balanced 50/50 focus on each framework.

In addition to core compliance operations, the analyst is responsible for maintaining and organizing BCP/DR documentation, coordinating updates from business and IT owners, and supporting reporting activities following exercises and continuity events.

KEY RESPONSIBILITIES

Risk Management & Governance

  • Maintain and update the firm's risk register, including risk scoring, treatment tracking, and monitoring for changes.

  • Support formal risk assessments and assist with updates to the Statement of Applicability (SoA).

  • Gather and consolidate risk-related inputs from IT, HR, Legal, SecOps, and business stakeholders.

Documentation & Policy Governance

  • Manage lifecycle updates for information security policies, standards, and procedures, including drafting, reviews, approvals, and version control.

  • Maintain compliance documentation such as SSP updates, POA&M revisions, control narratives, and other required artifacts.

  • Ensure governance documents remain accurate, consistently formatted, and aligned with framework requirements.

Audit Support

  • Coordinate internal and external audit activities, including scheduling, evidence collection, and communication with SMEs.

  • Track audit findings, corrective actions, and remediation progress.

  • Maintain audit documentation repositories and ensure audit materials are consistently organized and audit-ready.

Vendor Risk Management

  • Perform intake assessments for vendor security reviews and coordinate security questionnaires with vendors.

  • Collect due-diligence documentation and track remediation or follow-up requirements.

  • Support collaboration between Procurement, Legal, IT, and the GRC Manager.

Training & Awareness

  • Assist with developing and distributing cybersecurity awareness content.

  • Maintain training completion records and support reporting for required annual or event-driven trainings.

Business Continuity & Disaster Recovery (BCP/DR) Documentation & Reporting

  • Maintain BCP/DR documentation, including plans, Business Impact Analysis (BIA) updates, team rosters, and continuity-related inventories.

  • Coordinate with business units and IT to collect updates for continuity plans and ensure documentation accuracy.

  • Support post-exercise and post-incident reporting, capturing results, action items, and changes required to improve resilience.

  • Organize and maintain evidence of continuity activities for compliance and audit purposes.

  • Assist in coordinating tabletop exercises by managing documentation, capturing observations, and preparing reports for leadership review.

Cross-Functional Collaboration

  • Work closely with HR, Legal, Procurement, IT, SecOps, and other internal stakeholders to support compliance operations.

  • Support the GRC Manager on firm-wide governance, compliance initiatives, and regulatory readiness activities.

REQUIRED EDUCATION, KNOWLEDGE AND EXPERIENCE

  • 2-5 years of experience in cybersecurity governance, compliance, risk management, or internal audit.

  • Foundational knowledge of ISO 27001, NIST SP 800-171, or CMMC Level 2 requirements.

  • Experience with GRC/IRM platforms (e.g., OneTrust, Archer, ServiceNow GRC).

  • Strong documentation, writing, organizational, and version-control skills.

  • Proficiency with Excel/Sheets for risk scoring, register management, and reporting.

  • Ability to coordinate projects and collaborate across multiple functions.

  • Experience using compliance workflow platforms such as FutureFeed.

  • Experience supporting internal or external audits.

  • Exposure to vendor risk management processes.

  • Experience with internal audit or compliance management tools (e.g., AuditBoard, Workiva).

  • Foundational compliance or security certifications (e.g., ISO 27001 Foundations, Security+, CMMC coursework).

REQUIRED SKILLS AND ABILITIES

  • Excellent written and verbal communication

  • Strong organizational skills

  • Analytical and critical thinking

  • Ability to collaborate across departments

  • High ethical standards and professional discretion

  • Ability to manage multiple tasks with competing deadlines

PHYSICAL REQUIREMENTS

  • Ability to sit and stand for extended periods.

  • Ability to lift up to 20 pounds.

Pillsbury Winthrop Shaw Pittman LLP is an Equal Opportunity Employer.

If you require an accommodation in order to apply for a position, please contact us at .


Required Experience:

IC


Key Skills

  • ISO 27001
  • Microsoft Access
  • Risk Management
  • Financial Services
  • PCI
  • Risk Analysis
  • Analysis Skills
  • COBIT
  • NIST Standards
  • SOX
  • Information Security
  • Data Analysis Skills

About Company


Welcome to Pillsbury’s Regulatory Playbook, where you’ll find news and insights on the regulatory trends that are driving markets and shaping businesses.
