IT Risk Analyst

At Dentons we are committed to excellence in supporting legal professionals with cutting-edge solutions. Our dynamic and diverse team collaborates seamlessly to provide a wide range of services, including finance, IT, human resources, marketing, and more. We pride ourselves on fostering a culture of continuous improvement and adaptability.

As an IT risk analyst, you will be responsible for ensuring the security of the company's information systems and data and organization’s adherence to relevant information security policies, standards, and regulations. You will perform risk assessments, respond to customer inquiries, and monitor third-party suppliers. You will also collaborate with the Data Privacy Team, IT and business teams spread geographically across Europe to treat and mitigate risks by implementing and auditing security procedures and controls.

**Responsibilities**:

- Conduct risk assessments of the company's IT systems, processes, and data, and analyze efficiency of existing security controls, identify vulnerabilities and gaps in risk treatments.
- Respond to customer information security questionnaires and provide evidence of the company's security posture and compliance.
- Review client and suppliers' agreements in the parts pertaining to information security and ensure compliance with policies and regulations.
- Perform third-party supplier risk assessments and ensure that they meet the company's security standards and contractual obligations.
- Develop and update security policies, procedures, and guidelines and ensure they align with the company's objectives, clients, and regulatory requirements.
- Provide security awareness and training to the company's staff and stakeholders.
- Monitor and report on the company's security performance and compliance status and recommend corrective actions and improvements.
- Maintain documentation of compliance activities, including policies, procedures, risk assessments, and audit reports.
- Assist internal and external assessments and audits to ensure compliance with client requirements and industry-specific regulations such as GDPR, SOX, etc.
- Provide guidance and support to business practices on information security-related matters, including data classification, access control, etc.
- Research and stay updated on the latest laws and regulations, security trends, threats, and best practices.

**Requirements**:

- At least two years of experience in IT risk management, audit, or compliance focused role in information security.
- Knowledge of security frameworks, standards, and regulations, such as ISO 27001, NIST, GDPR, SOX etc.
- Knowledge of one or more risk management frameworks, knowledge of quantified risk management frameworks is preferred.
- Understanding of information security principles and practices, proficiency in information security tools and techniques with the ability to identify and mitigate security risks.
- Strong analytical, problem-solving, and decision-making skills.
- Excellent communication and interpersonal skills, ability to convey complex information security and risk concepts to non-technical audiences.
- Ability to work independently and collaboratively in a challenging fast-paced and dynamic environment.
- Certifications such as CISSP, CISA, CRISC are a plus, but not required.

**Benefits**

Dentons is the world's largest law firm, delivering quality and value to clients around the globe. Dentons is a leader on the Acritas Global Elite Brand Index, a BTI Client Service 30 Award winner and recognized by prominent business and legal publications for its innovations in client service, including founding Nextlaw Labs and the Nextlaw Global Referral Network. Dentons' polycentric approach and world-class talent challenge the status quo to advance client interests in the communities in which we live and work_._