Senior Security GRC Analyst

Baker & McKenzie LLP

Chicago, IL

Apply

JOB DETAILS

SKILLS

Access Control, Acquisitions Management, Analysis Skills, Asset Management, Bakery, Best Practices, Business Continuity Planning (BCP), Business Development, Business Skills, CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, Campaigns, Cloud Computing, Communication Skills, Computer Science, Control Systems, Corrective Action, Customer Relations, Diversity, English Language, External Audit, Facebook, Human Resources, Incident Management, Information Technology & Information Systems, Information/Data Security (InfoSec), Internal Audit, Legal, LinkedIn, Metrics, Microsoft Active Directory, Microsoft Excel, Microsoft Word, Multitasking, Network Administration/Management, Operational Communications, Phishing, Physical Security, Record Keeping, Reporting Skills, Request for Information (RFI), Request for Proposals (RFP), Risk, Risk Analysis, Risk Management, Risk Management Framework (RMF), Security Analysis, Security Auditing, Security Clearance, Security Monitoring, Security Policy, Status Reports, Systems Analysis, Time Management, Vendor/Supplier Evaluation

LOCATION

Chicago, IL

POSTED

2 days ago

Senior Security GRC Analyst - 3257 - Baker McKenzie

Open Jobs
Recommended Jobs
Login
English
Deutsch
English
Español
Français
Italiano

Baker McKenzie

Senior Security GRC Analyst

Home
Job Detail

Job Information

Posting Date

24-Jun-2026

Requisition ID

3149

States/Provinces/Cities

Buenos Aires, Manila

Location Type

Hybrid

Business Unit

Business Professionals

Function

Technology

Full Time or Part Time

Full Time

Description & Requirements

To support the efforts of the organization by supporting Firm security projects, reporting, and audit preparation. The position is also responsible for the execution of internal and third-party information security audits to assess the firm's risk posture relative to the established ISMS and risk management framework.

Main responsibilities:

Execute recurring information security controls audits on both internal and external entities using an established ISMS and risk management framework
Provide effective responses to client Requests for Proposals and Requests for Information in support of the business development function
Respond to client information security audits in a timely, accurate, and effective manner
Monitor control systems to ensure that appropriate information access levels and security clearances are maintained
Monitor and report on compliance with the Firm's information security policies and procedures
Maintain records of audit findings and ensure that corrective actions are implemented per the agreed remediation schedule
Provide status reports to the IT GRC Manager
Maintain the Firm's security-related information and metrics repositories

Skills and experience:

A thorough understanding of security concepts and best practices.
Authoritative understanding of principles, theories, techniques, and methods of information system analysis and risk assessment.
Authoritative understanding of audit principles applied to common information security domains such as security policy, organizational structure, asset management, human resources, physical security, operations, communications, access control, development, and acquisition, incident management, business continuity, and compliance.
Working knowledge of common information systems such as Active Directory, networking, endpoint management, and cloud security concepts.
Proficient in the use of Microsoft Excel and Word.
Sufficient business acumen to understand the business drivers associated with risk management concepts, particularly those affecting client audits, RFPs, and contractual terms.
Strong communication skills - demonstrated ability to communicate professionally in business language, in both oral and written formats (English).
Gather and analyze facts, draw conclusions, define problems, and suggest solutions.
Work independently and within a team.
Remain productive and maintain focus without direct supervision.
Effectively manage multiple tasks concurrently.
Internalize and act upon constructive feedback.
Adopt new skills and improve existing skills in a dynamic environment.
Possess a Computer Science Bachelor's Degree or substantial equivalent experience
A good amount of professional experience with a company-facing information security audit, client-facing audit response, third-party vendor risk management platforms, security metrics tracking and reporting, managing phishing campaigns, and remediation tracking.
Working knowledge of foundational information security systems and processes
CISA, CRISC, CISM or equivalent professional certification preferred

Reports to: Associate Director, Information Security

Development framework: Specialist

About us

Baker McKenzie empowers clients to compete in the global economy. We provide comprehensive and practical legal advice that cuts through complexity with clear, actionable guidance. Our people represent diverse cultures and jurisdictions, combining local know-how with international expertise to ensure your business thrives across borders.

Additional Information

Baker McKenzie is an Equal Opportunity Employer. We are committed to promoting diversity and inclusion for all. Our unique international culture is reflected in the drawing together of a worldwide family of individuals from diverse cultures and backgrounds in all of our offices. We encourage the best people - regardless of race, religion or belief if any, gender, gender identity, disability, sexual orientation or age - to fulfill their professional aspirations with us. We are committed to ensuring an inclusive and accessible experience for all candidates.

Back

Apply

Share this job

Facebook
LinkedIn
WhatsApp
Back

Cookie Preferences Disclaimers Privacy & Cookies Statement Cookie List

About the Company

Baker & McKenzie LLP

Resume Resources

Free Resume Templates Free Resume Builder