Demo

Governance, Risk, and Compliance Analyst

Ice Miller LLP
New York, NY Full Time
POSTED ON 3/27/2025
AVAILABLE BEFORE 4/26/2025
Job Summary:

As a GRC Analyst, your role on the team will include leveraging your knowledge of security policies, standards, controls, and industry best practices to consult with others in the firm and inform on risk to systems and data. You will be involved playing a critical role in ensuring that GRC functions are incorporated into key firm programs while validating risk mitigation functions are functioning correctly.

***Salary in the range of $70,000 – $90,000 dependent on experience level and geographic location***

Essential Job Duties:

  • Governance
    • Support the development and management of cyber security policies, standards, procedures, and overall governance based on the NIST Cyber Security Framework, NIST 800-53, and CIS controls.
    • Assess current platforms against security and configuration standards
    • Interface with key security personnel to ensure expectations and remediation activities are aligned to best practices
    • Work closely with the IT team to ensure key cybersecurity risks and issues are identified, addressed, and resolved in a timely manner.
    • Assist in the development and deployment of information security awareness, training, and communication capabilities as it relates to governance changes.
    • Evaluate and process exceptions to information security policies and standards
    • Assist with the administration of identity governance and administration activities
    • Receive audit findings, legal obligations, compliance, and regulatory requirements as input to policy development.
    • Manage lateral transfers of data in and out of the firm and implement ethical walls



  • Risk
    • Measure and monitor cybersecurity risk.
    • Manage and prioritize the risk exception queue
    • Perform risk assessments in alignment with methodologies and provide timely feedback to stakeholders
    • Assist in conducting a business impact analysis for business systems, applications, and processes
    • Assist with the development of cyber resilience plans including incident response, business continuity, and disaster recovery
    • Participate in Third Party Risk Management Program activities



  • Compliance
    • Maintain awareness of existing and proposed security standards, state and federal legislations and regulations pertaining to information security.
    • Identify regulatory changes that will affect information security policy, standards, and procedures, and recommend appropriate changes.
    • Participate in internal and external compliance audits and security questionnaire responses.
    • Provide guidance to management and business stakeholders regarding the security impact of regulations, policies, applicable laws, and key risks.
    • Participate in compliance reviews as assigned by management.


Minimum Requirements:

  • Understanding of common security regulations (e.g., HIPAA, Meaningful Use, PCI DSS, ISO2700x, FDA, etc.).
  • Understanding of common industry security frameworks (e.g., ISO2700x, NIST CSF, NIST SP 800-53, HITRUST, etc.).
  • Familiarity with security auditing and risk assessment processes.
  • Skills in documenting risk and compliance activities.
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate strategic information security topics, policies, and standards as well as risk-related concepts to technical and non-technical audiences at various hierarchical levels.
  • Proficient in the development and delivery of incident response playbooks and tabletop exercises
  • Sound knowledge of business management and an expert knowledge of information/cybersecurity risk management and governance.
  • Experience responding to, analyzing, and communicating information security audits.
  • Basic understanding of general security concepts including but not limited to cryptography, DLP, Security Operations Center, Security Managed Services, SIEM, FW, Audit, Cloud Security, Mobile Security.


Other Expectations:

  • Strong ability to follow instructions, ask intelligent questions, and engage critical thinking skills to complete the work
  • Self-starter: ability to work independently with minimal supervision.
  • Ability to work effectively in a team environment.
  • Maturity to accept direction, confidence to give direction.
  • Ability to quickly identify risks that require escalation to higher levels of leadership
  • Ability to operate independently and show measurable progress daily
  • Ability to manage multiple tasks simultaneously without missing deadlines or dropping assignments
  • Ability to adapt quickly and without frustration to changing priorities and emphasis
  • Strong attention to detail and high commitment to quality
  • Good attitude and courtesy to work with a small, fast-paced team
  • Efficient worker looking for ways to gain efficiencies and maximize time spent


Benefits provided include: Paid time off, Health insurance, Vision and Dental Insurance, 401k (with an employer match), life insurance, and many others. Please reach out for a comprehensive list of benefits provided.

Ice Miller is committed to recruiting, developing and retaining talented attorneys and professional staff from all backgrounds. To succeed, we take great pride in a culture of inclusion where everyone at Ice Miller feels respected, is treated fairly and has the opportunity to perform at the highest potential. Learn more about Ice Miller’s Diversity & Inclusion efforts on our website.

Candidates must have permanent authorization to work in the United States.

Ice Miller LLP is an Equal Opportunity Employer.

Salary : $70,000 - $90,000

If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a Governance, Risk, and Compliance Analyst?

Sign up to receive alerts about other jobs on the Governance, Risk, and Compliance Analyst career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$91,142 - $116,690
Income Estimation: 
$116,347 - $154,557
Income Estimation: 
$150,417 - $183,047
Income Estimation: 
$152,549 - $188,894
Income Estimation: 
$194,072 - $240,547
Income Estimation: 
$135,994 - $168,063
Income Estimation: 
$161,209 - $233,553
Income Estimation: 
$70,462 - $84,818
Income Estimation: 
$77,991 - $108,747
Income Estimation: 
$87,093 - $107,335
Income Estimation: 
$140,233 - $181,029
Income Estimation: 
$161,209 - $233,553
Income Estimation: 
$87,093 - $107,335
Income Estimation: 
$111,725 - $147,313
Income Estimation: 
$112,673 - $137,290
Income Estimation: 
$140,233 - $181,029
Income Estimation: 
$161,209 - $233,553
Income Estimation: 
$112,673 - $137,290
Income Estimation: 
$139,945 - $168,577
Income Estimation: 
$140,233 - $181,029
Income Estimation: 
$161,209 - $233,553
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at Ice Miller LLP

Ice Miller LLP
Hired Organization Address Columbus, OH Full Time
Job Summary: As a GRC Analyst, your role on the team will include leveraging your knowledge of security policies, standa...
Ice Miller LLP
Hired Organization Address Chicago, IL Full Time
Job Summary: As a GRC Analyst, your role on the team will include leveraging your knowledge of security policies, standa...
Ice Miller LLP
Hired Organization Address Naples, FL Full Time
Job Summary: Our Naples office is seeking a paralegal with experience in Trusts and Estates. The employee must be capabl...
Ice Miller LLP
Hired Organization Address Washington, DC Full Time
Job Summary: As a GRC Analyst, your role on the team will include leveraging your knowledge of security policies, standa...

Not the job you're looking for? Here are some other Governance, Risk, and Compliance Analyst jobs in the New York, NY area that may be a better fit.

Governance, Risk & compliance (GRC) Analyst

Randstad Enterprise, New York, NY

AI Assistant is available now!

Feel free to start your new journey!