Summary:
We are a global law firm offering comprehensive legal services with deep expertise in various sectors. We are prepared to tackle challenges worldwide and are guided by our values and purpose. In a rapidly changing world, we foster an environment where everyone can thrive. We are ambitious for our clients, communities, and employees, whether you are starting your career or are well-established. If you are looking for what’s next, so are we.
Essential Skills and Experience:
* Significant experience in overseeing audits and promoting continuous control improvements.
* In-depth knowledge of control frameworks (e.g., ITIL, COBIT, NIST).
* Strong communication abilities.
* Excellent skills in Governance, Risk, and Compliance (GRC).
* Proficient in managing and utilizing external suppliers.
* Ability to respond swiftly, decisively, and professionally.
* Preferred: Certification in legal, compliance, information security, or business continuity management.
Primary Responsibilities:
* Collaborate with IT & Business Leadership to ensure control effectiveness.
* Oversee and facilitate client audits.
* Drive continuous improvement of standards.
* Assess and determine relevant IT compliance requirements and controls.
* Work with key clients/auditors to meet compliance needs.
* Automate and systematize IT & business controls.
* Implement GRC tools and train management on control ownership.
* Provide regular reports to top management.
* Maintain a comprehensive inventory of all regulatory, commercial, and organizational technology compliance requirements.
* Facilitate the development and modification of technology compliance policies.
* Implement and manage a compliance issue tracking and resolution process.
* Report IT compliance risks and control effectiveness to key stakeholders.
* Lead the firm’s response to internal and external audits and reviews.
* Establish, monitor, and report on the state of IT compliance.
* Develop an IT compliance training and awareness program.
* Conduct self-assessments against global standards.
* Benchmark against ISO27001+ and NIST.
* Contribute to the Cyber Security strategy.
* Manage the Governance, Risk, and Compliance tool.
* Update control standards and embed control ownership.
* Promote a culture where IT security is a key consideration for new systems and processes.
* Exemplify the firm’s values through your actions.