Information Security Compliance Analyst
$100k - $115kGowling WLG
Information Security Compliance Analyst
At Gowling WLG, our commitment to excellence begins with our people. As an international law firm with offices in Canada, the U.K., Europe, the Middle East, and Asia, we're proud to recruit and retain top talent who bring energy, insight, and a singular focus on delivering exceptional experiences – for our clients and each other.
We're intentional about building a workplace that's both high-performing and supportive, ensuring that everyone is empowered to do their best work and reach their full potential. Our culture is grounded in our shared values: Raise the Bar, Embrace Differences, and Thrive Together. These values shape how we collaborate, lead, and succeed – across teams, time zones, and career paths.
Whether you're pursuing a role in law or business services, explore what's possible and make your mark with Gowling WLG.
Responsibilities
- Review and assess client contractual obligations and Outside Counsel Guidelines (OCGs) related to cybersecurity, confidentiality, and information governance.
- Coordinate and manage the firm's responses to client security assessments, questionnaires, and audits.
- Track compliance obligations and provide clear reporting to firm leadership and practice groups.
- Collaborate with IS Coordinator and IT to ensure controls align with client and industry standards (OCG, ISO/IEC 27001:2022, NIST, etc.).
- Organize and manage third-party security audits and internal audits to ensure continuous improvement of the firm's Information Security Management System (ISMS).
- Work with the Information Security Coordinator to prepare for and assist in annual ISO/IEC 27001 audits, including surveillance and recertification audits.
- Monitor the effectiveness of security controls, policies, and procedures, ensuring compliance with ISO/IEC 27001:2022 requirements.
- Act as the firm's Designated Official (DO) under the Controlled Goods Program (CGP), responsible for registration, compliance, and monitoring.
- Serve as the firm's Company Security Officer (CSO) under Canada's Contract Security Program (CSP).
- Oversee personnel security screening, compliance training, and incident reporting in line with regulatory obligations.
- Act as primary liaison with Public Services and Procurement Canada (PSPC), and other regulatory bodies.
- Develop, implement, and maintain procedures, and training programs that support compliance with client and regulatory security requirements.
- Conduct regular risk assessments and internal reviews to identify compliance gaps and oversee corrective actions.
- Provide ongoing compliance training and awareness for lawyers, staff, and management.
- Maintain comprehensive documentation and evidence of compliance activities.
Qualifications
- Bachelor's degree in information security, Business Administration, or a related field.
- 5+ years of experience in compliance, cybersecurity governance, or regulatory affairs (law firm or professional services sector strongly preferred).
- Demonstrated knowledge of ISO/IEC 27001:2022 and experience with internal/external audit preparation and management.
- The following certifications are required for this position. If the successful candidate does not have them, they must be willing to obtain:
- ISO/IEC 27001:2022 Lead Auditor or Lead Implementer
- Completion of the Controlled Goods Program Designated Official Certification Program, or ability to complete upon appointment
- Completion of Contract Security Program Company Security Officer training, or ability to complete upon appointment.
- The following certifications would be considered an asset:
- CISA, ISC2 CGRC, CRISC, CIPP/C, CIPM, Security+, NIST Cybersecurity Framework training, or equivalent GRC/audit/compliance credentials.
- Familiarity with Canadian security programs: Controlled Goods Program (CGP) and Contract Security Program (CSP).
- Experience serving as, or supporting, a Designated Official (DO) and/or Company Security Officer (CSO) is an asset.
- Strong understanding of client-facing compliance processes (e.g., OCGs, security questionnaires, vendor due diligence).
- Excellent organizational, communication, and problem-solving skills.
- Proven ability to handle sensitive information with discretion and professionalism.
- Bilingualism (English/French) is considered an asset.
Benefits/Perks
Gowling WLG's total rewards program is designed to foster a culture where high performance and personal well-being go hand-in-hand. We support your career and life with:
- 100% employer-paid health, dental, and mental health coverage, plus an annual lifestyle spending allowance
- Benefits coverage for Firm members and their dependents from day one!
- 15+ vacation days and hybrid work flexibility
- Parental leave top-up for 26 weeks (after 12 months of full-time employment)
- Group Retirement Savings Plan with employer match
- Financial protection through short & long-term disability, life, accident & critical illness insurance
- Employee & Family Assistance Program, guided CBT, and an internal network of 120+ trained Mental Health First Aid responders
- Recognition awards, appreciation events, and a supportive, collaborative work culture
- Perks and preferred pricing programs, referral bonuses and more
The starting range for this role is $100,000 to $115,000. Starting salary will be determined based on an applicant's individual skills, competencies and unique qualifications. Gowling WLG employees have the potential to exceed this range based on tenure and performance.
This position is currently vacant and is open to both internal and external candidates. Gowling WLG is recruiting for this role to support ongoing firm needs and team operations.
This employer may use tools within our applicant tracking system that include artificial intelligence–supported features, such as automated candidate matching. These tools do not make hiring decisions; all screening, assessments, and selections are reviewed and completed by human recruiters and hiring managers.
Gowling WLG is dedicated to building a diverse and inclusive workplace. If you are in need of accommodation or support at any time during the recruitment process, please let us know.
- ...Prevention Systems (IPS), Switching and Routing Infrastructure Security Information and Event Management (SIEM) solutions Identity and Access... ...and/or ongoing maturation of SCDHHS security and compliance efforts. Audit and Assess internal agency systems as well as...SuggestedWork at officeLocal areaFlexible hours
$125k - $175k
...IT Security Compliance Analyst At Five Rivers IT, we build and service reliable IT infrastructures for midsized businesses. Five Rivers IT has... ...Auditors and Engineering/IT by coordinating requests for information and coordinating responses to any observations. Maintain...SuggestedFull timeWork experience placement- ...Life Insurance Company (GTL) is currently seeking an IT Security Compliance Analyst to join our team! Since 1936, GTL has offered cutting... ...maintaining security compliance controls to protect sensitive information, reduce risk, and support business operations. You...SuggestedTemporary workWork at officeRemote workFlexible hours
- ...Description We’re looking for an Information Security Compliance Analyst to join our Information Security GRC team. This role supports compliance programs across a global organization, spanning multiple regulatory frameworks, security certifications, and risk management...Suggested
- ...and multifocal products available, enabling us to fit 99% of all contact wearers. Learn more at Job Summary: The Information Security Compliance Analyst supports the Manager, Identify & Protect in the design, implementation, operation, and continuous improvement of the...Suggested
- ...About the role: Eagle Creek Renewable Energy is seeking an experienced Information Security Compliance Analyst to join our team and help safeguard our organization's regulatory standing and the security of the critical generation assets across our fleet of hydropower facilities...
- ...leading consulting firm in Wakefield is looking for an experienced Information Security Analyst. You will lead the design, implementation, and management of the information security program, ensuring compliance with NIST, CMMC, and SOC-2 frameworks. The successful candidate...
- ## IT Security and Compliance AnalystApplylocations: Houston - Texastime type: Full timeposted on: Posted Todayjob... ...:**The IT Security & Compliance Analyst supports and operationalizes the organization’s global information security and compliance program in support...
- ...convenience store operator based in Texas is seeking an IT Compliance and Security Analyst responsible for ensuring IT policy adherence and... ...related field, with at least four years of experience in Information Security. The role involves managing IT audits, regulatory...
$110k - $140k
Security Compliance Analyst Manage Hive’s current risk management program Manage external and internal audits, including reviewing materials... ...Provide compliance, risk, and controls expertise to support information security and compliance initiatives. Protect the...- Position: IT Compliance and Security Analyst Location: Fort Worth, TX Job Id: 2457 # of Openings: 1 Who We Are: Yesway is one of the fastest-growing... ...regulatory requirements; Develop and lead the global information technology compliance program in the areas of...Local areaRelocationShift work
- MsysInc, located in South Carolina, seeks qualified candidates for an information security role requiring 6 years of experience. Candidates should possess a Bachelor's Degree in a relevant field or equivalent experience. Responsibilities include identifying efficient processes...
- ManpowerGroup Global, Inc. is seeking a detail-oriented Information Security Analyst to join their Security Governance team in Town of Norway, Wisconsin. This role focuses on enhancing compliance with enterprise policies and collaborating with teams to support security...
$78.9k - $123.3k
...Overview We are seeking a detail-oriented cybersecurity compliance professional to support system authorization and... .... This role is responsible for managing the security authorization lifecycle for one or more information systems, ensuring compliance with Federal...Permanent employmentFull timePart timeWork at officeLocal areaRemote work- ...Rutgers University is seeking an Information Security Risk Analyst to facilitate and evaluate internal and third-party information security risk assessments. You will provide remediation recommendations and maintain a formal risk register while collaborating with campus...
- Bristow Group, Inc. in Houston, Texas is seeking an IT Security & Compliance Analyst to enhance the organization's global information security and compliance program. This role will focus on security operations, vulnerability management, and regulatory compliance for critical...
- Let’s be #BrilliantTogether We are looking for a Client Compliance Analystto join our Information Security Governance, Risk, and Compliance (GRC) function. This role plays a key part in supporting our clients and internal teams by coordinating information security due...Local areaFlexible hours
- Ascension Federal Services Inc. is seeking a detail-oriented Security and Compliance Analyst to join their team in Miami, FL. The candidate will be... ...standards and regulatory requirements while protecting information assets. The ideal applicant will have a Bachelor’s...
- We are looking for a Client Compliance Analyst to join our Information Security Governance, Risk, and Compliance (GRC) function. This role plays a key part in supporting our clients and internal teams by coordinating information security due diligence activities in a professional...Local areaFlexible hours
- The City of Santa Fe Springs is seeking an Information Security Compliance Analyst to support the Chief Information Security Officer. This role involves evaluating IT controls, maintaining the IT Risk Register, and collaborating on risk remediation efforts. A Bachelor’s...Work at officeRemote workFlexible hours
- ...Sunflower Bank, N.A. is looking for an energetic, highly motivated individual to fill the position of a full-time Information Security Risk and Compliance Analyst at our Dallas, TX location. Responsibilities Perform assigned second line control oversight activities,...Full time
- Responsibilities Under the direction of the Chief Information Security Officer, the Information Security Compliance Analyst will assist with the examination of internal IT controls, evaluate the design and operational effectiveness of deployed systems and capabilities,...Work experience placementWork at office
- Identity Access Management Analyst The Identity Access Management (IAM) Analyst is responsible... ...access is granted and maintained in a secure and compliant manner. Responsibilities... ...stakeholders. This includes keeping stakeholders informed of the latest security threats, and...
- Job Description The Security Risk & Compliance Analyst supports the organization’s global information security program by assisting in the identification, assessment, and management of information security risks and compliance demands across Victaulic’s entire organization...Work at office
- Victaulic is seeking a Security Risk & Compliance Analyst to support its global information security program across various regulatory frameworks. This role involves conducting risk assessments, managing compliance documentation, and coordinating third-party audits. Ideal...
$100k - $150k
...that keep people safe and businesses thriving. Our commitment to security and data protection is at the core of everything we do, and we are looking for a talented Senior Information Security Compliance Analyst to join our team and help drive our project success. Job...Full timeWork experience placementRelocation- Teradata Corporation (SE) seeks a Compliance Analyst in Albany, NY. In this role, you will support Teradata's security compliance programs across global cloud offerings. Responsibilities... ...candidate will hold a Bachelor's degree in Information Security and possess 1 to 3 years of...
- MaintainX is seeking an Information Security professional to enhance its security posture by managing vulnerabilities and conducting assessments... ...in AWS and various security frameworks to support compliance programs. The ideal candidate has experience in information...
$2,000 per month
...advantage of all structured and unstructured data — securing and protecting private information more effectively — Elastic’s complete, cloud-based... ...seeking an experienced Senior Information Security Compliance Analyst to lead our Department of Defense (DoD) Impact...Local areaFlexible hours$89.71k
...knowledge, skills, and behaviors required. SUMMARY - Senior Information Security Analyst: Under the general supervision of the Supervisor, IT... ...uses software tools to ensure proper security posture for compliance. Writes reports and briefings related to specific information...Full timeWork experience placementWork at officeNight shiftWeekend workAfternoon shiftWeekday work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Information Security Compliance Analyst. Be the first to apply!
- data analyst bank United States
- principal data analyst United States
- credit data analyst United States
- data analyst part time work from home United States
- information risk analyst United States
- data analyst excel United States
- data visualization analyst United States
- data analyst no experience United States
- healthcare data analyst United States
- senior data management analyst United States


