We are a Firm where people truly believe in what they do and strive to achieve the highest standards of performance and success.

General Description:

The IT Risk & Vendor Junior Analyst will support the management of information technology risks within the Firm and with external vendors, helping ensure compliance with industry regulations and company policies. The incumbent in this role will assist in identifying potential risks, evaluating their impact, and contributing to strategies that reduce those risks. They will collaborate closely with business owners, internal stakeholders, and external vendors to establish and maintain effective risk profiles related to people, processes, and technologies. Risk Management processes will include evaluating vendor capabilities, conducting risk assessments, and monitoring performance metrics.

Key Responsibilities and Essential Job Functions:

• Apply information security frameworks, policies, and procedures in alignment with legal, regulatory, and industry best practices.
• Conduct regular risk assessments of informational assets, processes, and third-party relationships to identify, evaluate, categorize, and remediate potential risks.
• Assess the design and operating effectiveness of existing security controls and procedures to ensure their effectiveness in mitigating identified risks.
• Identify control gaps and recommend necessary improvements.
• Prepare comprehensive risk reports detailing identified risks, mitigation plans, and control deficiencies for senior management.
• Collaborate and communicate risk findings to relevant stakeholders, including business owners and IT teams to ensure the risk levels are within the Firm’s risk appetite.
• Maintain accurate and up-to-date risk exceptions and audit findings for informational assets, processes, and third-party relationships.
• Assist with monitoring adherence to risk levels, security policies, and standards within the organization.
• Monitor adherence to security policies and standards within the organization.
• Collaborate with incident response activities through risk and third-party management perspectives and efforts.
• Monitor adherence to security policies and standards within the organization.
• Special project and duties as assigned.

Required Skills:

• Excellent analytical and critical thinking skills.
• Strong communication skills.
• Exceptional attention to detail.
• Ability to multi-task in a challenging environment to meet deadlines.

Required Qualifications & Education:

• Bachelor’s degree in information technology, Business Administration, or related field.
• 2+ years of experience in IT Risk and Vendor management or related roles.
• Strong understanding of risk management principles and methodologies.
• Familiarity with regulatory requirements and industry standards in risk and third-party management, such as ISO, NIST, COBIT, and ITIL.
• Proven ability to develop and maintain effective vendor relationships.
• Proficient in Microsoft Office suite, Integrated Risk Management Solutions, and Third-Party Risk Management platforms.

Preferred Qualifications & Education:

• Certified in Risk and Information Systems Control® (CRISC®) Certifications desired.

Physical Requirements:

• Ability to sit or stand for extended periods of time.
• Moderate or advanced keyboard usage

Benefits: Our goal is to promote a work environment in which individuals have access to the resources they need to be at their best both professionally and personally, which includes resources that encourage individuals to focus on their health and well-being. Below is a list of just some of the benefits we offer: generous paid time off; eleven paid holidays per year; time off for bereavement or jury duty; paid leave for new parents; comprehensive medical (PPO and HDHPs), dental and vision plans including coverage for domestic partners; life and AD&D insurance; short and long term disability insurance; tax-advantaged accounts for health care expenses, including FSA or HSA; FSA for dependent care; supplemental AFLAC policies for medical care; excess liability coverage; health advocacy services; behavioral health and counseling resources for all family members; 401(k); profit sharing; pre-tax transit and parking program; backup care for children and adults; senior care planning support; and resources for individuals with development disabilities and their caregivers.

Benefits may vary by position and office.

Holland & Knight is committed to hiring and retaining a diverse workforce. We are proud to be an Equal Opportunity Employer, making decisions without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability status, age, marital status, protected veteran or any other protected class.

Personal Information collected from applicants will be used for the purpose of processing the application throughout any recruitment or employment process, as well as inclusion in a personnel file. Categories of data collected may include name, address, phone numbers, email, Social Security Number, and signature. Holland & Knight may collect further information if you consent to a background check. This includes criminal background, employment, and certifications. Please visit Legal Information Portal for Holland & Knight LLP’s privacy policies.