Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Information Security Compliance Analyst

$100k - $115k

Gowling WLG

Information Security Compliance Analyst

At Gowling WLG, our commitment to excellence begins with our people. As an international law firm with offices in Canada, the U.K., Europe, the Middle East, and Asia, we're proud to recruit and retain top talent who bring energy, insight, and a singular focus on delivering exceptional experiences – for our clients and each other.

We're intentional about building a workplace that's both high-performing and supportive, ensuring that everyone is empowered to do their best work and reach their full potential. Our culture is grounded in our shared values: Raise the Bar, Embrace Differences, and Thrive Together. These values shape how we collaborate, lead, and succeed – across teams, time zones, and career paths.

Whether you're pursuing a role in law or business services, explore what's possible and make your mark with Gowling WLG.

Responsibilities
  • Review and assess client contractual obligations and Outside Counsel Guidelines (OCGs) related to cybersecurity, confidentiality, and information governance.
  • Coordinate and manage the firm's responses to client security assessments, questionnaires, and audits.
  • Track compliance obligations and provide clear reporting to firm leadership and practice groups.
  • Collaborate with IS Coordinator and IT to ensure controls align with client and industry standards (OCG, ISO/IEC 27001:2022, NIST, etc.).
  • Organize and manage third-party security audits and internal audits to ensure continuous improvement of the firm's Information Security Management System (ISMS).
  • Work with the Information Security Coordinator to prepare for and assist in annual ISO/IEC 27001 audits, including surveillance and recertification audits.
  • Monitor the effectiveness of security controls, policies, and procedures, ensuring compliance with ISO/IEC 27001:2022 requirements.
  • Act as the firm's Designated Official (DO) under the Controlled Goods Program (CGP), responsible for registration, compliance, and monitoring.
  • Serve as the firm's Company Security Officer (CSO) under Canada's Contract Security Program (CSP).
  • Oversee personnel security screening, compliance training, and incident reporting in line with regulatory obligations.
  • Act as primary liaison with Public Services and Procurement Canada (PSPC), and other regulatory bodies.
  • Develop, implement, and maintain procedures, and training programs that support compliance with client and regulatory security requirements.
  • Conduct regular risk assessments and internal reviews to identify compliance gaps and oversee corrective actions.
  • Provide ongoing compliance training and awareness for lawyers, staff, and management.
  • Maintain comprehensive documentation and evidence of compliance activities.
Qualifications
  • Bachelor's degree in information security, Business Administration, or a related field.
  • 5+ years of experience in compliance, cybersecurity governance, or regulatory affairs (law firm or professional services sector strongly preferred).
  • Demonstrated knowledge of ISO/IEC 27001:2022 and experience with internal/external audit preparation and management.
  • The following certifications are required for this position. If the successful candidate does not have them, they must be willing to obtain:
    • ISO/IEC 27001:2022 Lead Auditor or Lead Implementer
    • Completion of the Controlled Goods Program Designated Official Certification Program, or ability to complete upon appointment
    • Completion of Contract Security Program Company Security Officer training, or ability to complete upon appointment.
  • The following certifications would be considered an asset:
    • CISA, ISC2 CGRC, CRISC, CIPP/C, CIPM, Security+, NIST Cybersecurity Framework training, or equivalent GRC/audit/compliance credentials.
  • Familiarity with Canadian security programs: Controlled Goods Program (CGP) and Contract Security Program (CSP).
  • Experience serving as, or supporting, a Designated Official (DO) and/or Company Security Officer (CSO) is an asset.
  • Strong understanding of client-facing compliance processes (e.g., OCGs, security questionnaires, vendor due diligence).
  • Excellent organizational, communication, and problem-solving skills.
  • Proven ability to handle sensitive information with discretion and professionalism.
  • Bilingualism (English/French) is considered an asset.
Benefits/Perks

Gowling WLG's total rewards program is designed to foster a culture where high performance and personal well-being go hand-in-hand. We support your career and life with:

  • 100% employer-paid health, dental, and mental health coverage, plus an annual lifestyle spending allowance
  • Benefits coverage for Firm members and their dependents from day one!
  • 15+ vacation days and hybrid work flexibility
  • Parental leave top-up for 26 weeks (after 12 months of full-time employment)
  • Group Retirement Savings Plan with employer match
  • Financial protection through short & long-term disability, life, accident & critical illness insurance
  • Employee & Family Assistance Program, guided CBT, and an internal network of 120+ trained Mental Health First Aid responders
  • Recognition awards, appreciation events, and a supportive, collaborative work culture
  • Perks and preferred pricing programs, referral bonuses and more

The starting range for this role is $100,000 to $115,000. Starting salary will be determined based on an applicant's individual skills, competencies and unique qualifications. Gowling WLG employees have the potential to exceed this range based on tenure and performance.

This position is currently vacant and is open to both internal and external candidates. Gowling WLG is recruiting for this role to support ongoing firm needs and team operations.

This employer may use tools within our applicant tracking system that include artificial intelligence–supported features, such as automated candidate matching. These tools do not make hiring decisions; all screening, assessments, and selections are reviewed and completed by human recruiters and hiring managers.

Gowling WLG is dedicated to building a diverse and inclusive workplace. If you are in need of accommodation or support at any time during the recruitment process, please let us know.

Vacancy posted 2 days ago
Similar jobs that could be interesting for youBased on the Information Security Compliance Analyst in United States vacancy
  •  ...Prevention Systems (IPS), Switching and Routing Infrastructure Security Information and Event Management (SIEM) solutions Identity and Access...  ...and/or ongoing maturation of SCDHHS security and compliance efforts. Audit and Assess internal agency systems as well as... 
    Suggested
    Work at office
    Local area
    Flexible hours

    US IT Solutions Inc

    Columbia, SC
    2 days ago
  • $125k - $175k

     ...IT Security Compliance Analyst At Five Rivers IT, we build and service reliable IT infrastructures for midsized businesses. Five Rivers IT has...  ...Auditors and Engineering/IT by coordinating requests for information and coordinating responses to any observations. Maintain... 
    Suggested
    Full time
    Work experience placement

    Five Rivers IT

    Rochelle Park, NJ
    3 days ago
  •  ...Life Insurance Company (GTL) is currently seeking an IT Security Compliance Analyst to join our team! Since 1936, GTL has offered cutting...  ...maintaining security compliance controls to protect sensitive information, reduce risk, and support business operations. You... 
    Suggested
    Temporary work
    Work at office
    Remote work
    Flexible hours

    Guarantee Trust

    Elkhorn, NE
    3 days ago
  •  ...Description We’re looking for an Information Security Compliance Analyst to join our Information Security GRC team. This role supports compliance programs across a global organization, spanning multiple regulatory frameworks, security certifications, and risk management... 
    Suggested

    Fortive Corporation

    Indiana, PA
    1 day ago
  •  ...and multifocal products available, enabling us to fit 99% of all contact wearers. Learn more at Job Summary: The Information Security Compliance Analyst supports the Manager, Identify & Protect in the design, implementation, operation, and continuous improvement of the... 
    Suggested

    CooperVision

    Victor, NY
    2 days ago
  •  ...About the role: Eagle Creek Renewable Energy is seeking an experienced Information Security Compliance Analyst to join our team and help safeguard our organization's regulatory standing and the security of the critical generation assets across our fleet of hydropower facilities... 

    Eagle Creek Renewable Energy

    Raleigh, NC
    3 days ago
  •  ...leading consulting firm in Wakefield is looking for an experienced Information Security Analyst. You will lead the design, implementation, and management of the information security program, ensuring compliance with NIST, CMMC, and SOC-2 frameworks. The successful candidate... 

    GEI Consultants

    Wakefield, MA
    4 days ago
  • ## IT Security and Compliance AnalystApplylocations: Houston - Texastime type: Full timeposted on: Posted Todayjob...  ...:**The IT Security & Compliance Analyst supports and operationalizes the organization’s global information security and compliance program in support... 

    Bristow Group

    Houston, TX
    1 day ago
  •  ...convenience store operator based in Texas is seeking an IT Compliance and Security Analyst responsible for ensuring IT policy adherence and...  ...related field, with at least four years of experience in Information Security. The role involves managing IT audits, regulatory... 

    Yesway

    Fort Worth, TX
    3 days ago
  • $110k - $140k

    Security Compliance Analyst Manage Hive’s current risk management program Manage external and internal audits, including reviewing materials...  ...Provide compliance, risk, and controls expertise to support information security and compliance initiatives. Protect the... 

    Hive

    San Francisco, CA
    3 days ago
  • Position: IT Compliance and Security Analyst Location: Fort Worth, TX Job Id: 2457 # of Openings: 1 Who We Are: Yesway is one of the fastest-growing...  ...regulatory requirements; Develop and lead the global information technology compliance program in the areas of... 
    Local area
    Relocation
    Shift work

    Yesway

    Fort Worth, TX
    3 days ago
  • MsysInc, located in South Carolina, seeks qualified candidates for an information security role requiring 6 years of experience. Candidates should possess a Bachelor's Degree in a relevant field or equivalent experience. Responsibilities include identifying efficient processes... 

    MsysInc

    Clover, SC
    4 days ago
  • ManpowerGroup Global, Inc. is seeking a detail-oriented Information Security Analyst to join their Security Governance team in Town of Norway, Wisconsin. This role focuses on enhancing compliance with enterprise policies and collaborating with teams to support security... 

    ManpowerGroup Global, Inc.

    Chandler, AZ
    3 days ago
  • $78.9k - $123.3k

     ...Overview We are seeking a detail-oriented cybersecurity compliance professional to support system authorization and...  .... This role is responsible for managing the security authorization lifecycle for one or more information systems, ensuring compliance with Federal... 
    Permanent employment
    Full time
    Part time
    Work at office
    Local area
    Remote work

    Noblis

    Des Moines, IA
    2 days ago
  •  ...Rutgers University is seeking an Information Security Risk Analyst to facilitate and evaluate internal and third-party information security risk assessments. You will provide remediation recommendations and maintain a formal risk register while collaborating with campus... 

    Rutgers University

    New Brunswick, NJ
    5 days ago
  • Bristow Group, Inc. in Houston, Texas is seeking an IT Security & Compliance Analyst to enhance the organization's global information security and compliance program. This role will focus on security operations, vulnerability management, and regulatory compliance for critical... 

    Bristow Group

    Houston, TX
    5 days ago
  • Let’s be #BrilliantTogether We are looking for a Client Compliance Analystto join our Information Security Governance, Risk, and Compliance (GRC) function. This role plays a key part in supporting our clients and internal teams by coordinating information security due... 
    Local area
    Flexible hours

    ISS STOXX

    Norman, OK
    2 days ago
  • Ascension Federal Services Inc. is seeking a detail-oriented Security and Compliance Analyst to join their team in Miami, FL. The candidate will be...  ...standards and regulatory requirements while protecting information assets. The ideal applicant will have a Bachelor’s... 

    Ascension Federal Services Inc.

    Miami, FL
    3 days ago
  • We are looking for a Client Compliance Analyst to join our Information Security Governance, Risk, and Compliance (GRC) function. This role plays a key part in supporting our clients and internal teams by coordinating information security due diligence activities in a professional... 
    Local area
    Flexible hours

    Institutional Shareholder Services Inc.

    Norman, OK
    4 days ago
  • The City of Santa Fe Springs is seeking an Information Security Compliance Analyst to support the Chief Information Security Officer. This role involves evaluating IT controls, maintaining the IT Risk Register, and collaborating on risk remediation efforts. A Bachelor’s... 
    Work at office
    Remote work
    Flexible hours

    City of Santa Fe Springs

    Chicago, IL
    3 days ago
  •  ...Sunflower Bank, N.A. is looking for an energetic, highly motivated individual to fill the position of a full-time Information Security Risk and Compliance Analyst at our Dallas, TX location. Responsibilities Perform assigned second line control oversight activities,... 
    Full time

    Sunflower Bank, N.A.

    Dallas, TX
    5 days ago
  • Responsibilities Under the direction of the Chief Information Security Officer, the Information Security Compliance Analyst will assist with the examination of internal IT controls, evaluate the design and operational effectiveness of deployed systems and capabilities,... 
    Work experience placement
    Work at office

    Illinois Attorney General (IL)

    Chicago, IL
    4 days ago
  • Identity Access Management Analyst The Identity Access Management (IAM) Analyst is responsible...  ...access is granted and maintained in a secure and compliant manner. Responsibilities...  ...stakeholders. This includes keeping stakeholders informed of the latest security threats, and... 

    MidFirst Bank

    Oklahoma City, OK
    4 days ago
  • Job Description The Security Risk & Compliance Analyst supports the organization’s global information security program by assisting in the identification, assessment, and management of information security risks and compliance demands across Victaulic’s entire organization... 
    Work at office

    Victaulic

    New York, NY
    1 day ago
  • Victaulic is seeking a Security Risk & Compliance Analyst to support its global information security program across various regulatory frameworks. This role involves conducting risk assessments, managing compliance documentation, and coordinating third-party audits. Ideal... 

    Victaulic

    New York, NY
    1 day ago
  • $100k - $150k

     ...that keep people safe and businesses thriving. Our commitment to security and data protection is at the core of everything we do, and we are looking for a talented Senior Information Security Compliance Analyst to join our team and help drive our project success. Job... 
    Full time
    Work experience placement
    Relocation

    Motorola Solutions

    California
    1 day ago
  • Teradata Corporation (SE) seeks a Compliance Analyst in Albany, NY. In this role, you will support Teradata's security compliance programs across global cloud offerings. Responsibilities...  ...candidate will hold a Bachelor's degree in Information Security and possess 1 to 3 years of... 

    Teradata Corporation (SE)

    Albany, NY
    3 days ago
  • MaintainX is seeking an Information Security professional to enhance its security posture by managing vulnerabilities and conducting assessments...  ...in AWS and various security frameworks to support compliance programs. The ideal candidate has experience in information... 

    MaintainX

    Raleigh, NC
    4 days ago
  • $2,000 per month

     ...advantage of all structured and unstructured data — securing and protecting private information more effectively — Elastic’s complete, cloud-based...  ...seeking an experienced Senior Information Security Compliance Analyst to lead our Department of Defense (DoD) Impact... 
    Local area
    Flexible hours

    Elastic

    United States
    1 day ago
  • $89.71k

     ...knowledge, skills, and behaviors required. SUMMARY - Senior Information Security Analyst: Under the general supervision of the Supervisor, IT...  ...uses software tools to ensure proper security posture for compliance. Writes reports and briefings related to specific information... 
    Full time
    Work experience placement
    Work at office
    Night shift
    Weekend work
    Afternoon shift
    Weekday work

    Western Farmers Electric Cooperative

    Moore, OK
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Information Security Compliance Analyst. Be the first to apply!