Fragomen

Compensation

Full Description

Job Description Fragomen is seeking a Compliance Analyst to join our talented Compliance Response Team. A Fragomen career gives you the opportunity to work with a smart, motivated and diverse peer group. Our exclusive focus on immigration means you will practice in an exciting, ever-changing and challenging environment with people who are passionate about immigration. Working in a collegial, team-oriented environment, Fragomen employees learn from the industry's leading experts. Our firm commitment to quality and best practices is supported by technological innovation that benefits our clients and staff. Fragomen strongly affirms that the demonstration of data privacy and security is critical to meet our obligations to our clients and distinguishes our business offerings in this competitive market. The Compliance Analyst will report directly to the Governance, Risk, and Compliance Operations Manager. We seek a professional, diligent individual that can keep up with the high demand of client and partner requests that support, identify and demonstrate Fragomen’s security controls. A candidate should have thorough knowledge of IT Security controls to include basic understanding of Cybersecurity frameworks such as NIST 800-53, ISO 27001, SOC 2 type 2 and CIS controls. The candidate should have experience collecting evidence from internal stakeholders and presenting them to external auditors. have a strong understanding of cybersecurity risk management, including how to document risks and develop risk treatment plans understand and be able to articulate the relationship between cybersecurity and internal general controls (ITGC), compliance obligations and risk reduction have experience configuring and using common GRC platforms, such as Vanta, Drata, and Apptega have experience drafting IT policies that align with industry best practices understand vendor and third-party risk management processes Have experience with supporting cybersecurity awareness programs be knowledgeable of the global regulatory landscape and capable of communicating the Firm’s efforts in this area. be collaborative and team oriented as a member of Fragomen’s Governance, Risk & Compliance (GRC) team which helps make data privacy and security a distinguishing factor in our technological offerings. A successful candidate will demonstrate these competencies and possess excellent communication skills to communicate our data security, data privacy and compliance efforts to our global partners, senior leadership, and Clients. Responsibilities will center around demonstrating to Clients Fragomen’s secure operational environment and foundational security policies and principles through the completion of client questionnaires, external certifications, Client audits, RFPs, and technical assessments. What a Compliance Analyst Does at Fragomen: Operationalizing Risk Management: Understand industry standard cybersecurity risks and how controls affect them. Understand how GRC platforms work and how they support Risk Management Develop trusted relationships with senior business partners to gain an in-depth understanding of key business processes, products and services, and influences others to ensure business case and customer satisfaction goals are met. Acquire fundamental knowledge of all Fragomen areas to better understand emerging risks. Support the Service Delivery function to deliver reliable, best-in-class support services in a manner that meets our contractual obligations and delights our customers and clients. Assist with vendor and third-party risk management IT Compliance Support ISO 27001, SOC 2 type 2 and PCI audits by gathering and documenting how Fragomen is meeting the control objectives identified in these standards Support completing client facing requests demonstrating Fragomen’s security controls to include demonstrating and understanding technical security controls. Work closely with IT internal audit to meet IT security compliance obligations Assistance in GRC Operations: Collaboratively work with teammates and internal Fragomen teams and take direction from management to resolve assigned Client support work items with both speed and quality. Acquire fundamental knowledge of all Compliance Operations areas to gain comprehensive knowledge of operations and industry standard best practices. Support security awareness programs Collaborate with GRC oriented teams - the Office of Audit and Privacy, the Office of General Counsel, Information Security and Compliance - and legal/client relationship teams to continuously improve and demonstrate the firm’s commitment to data privacy and security. Produce written and verbal communication, that when escalating matters, is summarized, and always clear and concise. Provide ideas and suggestions for department process improvements. Let’s Talk If You Have: A strong understanding information security and data privacy frameworks and their control objectives including NIST Cyber Security Framework (CSF), NIST 800-53, and CIS Experience supporting ISO27X series, SOC2 and PCI compliance requirements and external audits, including control and evidence documentation Broad knowledge of Data Privacy regulatory landscape including but not limited to GDPR. Experience in risk management and project management, including but not limited to documenting and developing remediation plans. Experience supporting security awareness training Drafting IT Policies that align with industry best practice and cybersecurity frameworks Strong communication skills both written and verbal Outstanding work ethic Minimum of 5 years of experience in the IT Security GRC field based on work history and/or education. Big 4 or large consulting firm experience a major plus All offers and/or employment contracts are contingent upon the successful completion of the Firm’s pre-employment screening process. This process may include verifying the candidate’s identity, confirming legal authorization to work in the offered position's location, and conducting a comprehensive background check, where permitted by local regulations. Fragomen is a leading firm dedicated to immigration services worldwide. The firm has more than 6,000 immigration professionals and support staff in more than 60 offices across the Americas, EMEA and Asia Pacific. A member of the Am Law 100 and Am Law Global 100, Fragomen offers immigration support in more than 170 countries. Fragomen’s professionals are respected leaders in the immigration field, and the firm is regularly recognized as a leading employer of minority and female attorneys. The firm supports all aspects of global immigration for corporate, academic, nonprofit, and individual clients, including strategic planning, quality management, reporting, case management and processing, compliance program counseling, representation in government investigations, government relations, complex matter solutions, and litigation. Fragomen is a long-time leader in the immigration technology space and continues to lead the way in the digitization of the immigration journey. It has created Fragomen Technologies Inc., a Fragomen subsidiary focused on the nexus of law and technology to further enhance its technology offering. These capabilities allow Fragomen to work in partnership with individuals and corporate clients across all industries to plan talent strategy, facilitate the transfer of employees worldwide, and navigate complex challenges. Fragomen is committed to promoting diversity, inclusion and equal opportunity for all employees and applicants, regardless of race, ethnicity, heritage, gender, age, religion, disability, sexual orientation, gender identity or intersex status. At Fragomen, we do meaningful and impactful work for our clients and put a focus on our Responsible Business Practices: #LifeAtFragomen: We drive innovation and change. We respect colleagues, embrace diversity, and empower others. #FragomenForward: At Fragomen, pursuing an equal, diverse, and inclusive workforce goes beyond a policy. It’s part of our DNA—and always has been. Year after year, we are recognized as leaders in diversity in our industry. Giving Back. We have a deep history of giving back to the communities where we live and work—and we continue that mission today. Serving the less fortunate by providing advice and community support where it is most needed allows us to help immigrants secure a better future for themselves and their families. Corporate Social Responsibility. We believe there is more to success in business than generating profit—we want to do well by doing good. We are committed to considering the impact that our business decisions have on our people, our planet, the communities in which we work and our clients. Sustainability. Fragomen is focused on sustainability in our business operations and practices—and we know there is much work to be done, with countless opportunities available to minimize our impact on the environment Well-being. We are committed to implementing firmwide initiatives that support the health and wellness of our people, including programs to address work-life balance and benefits that cover a wide range of well-being needs of all employees. Our #FragomenWorks program provides the ability to be successful at home or in the office, via Hybrid & Remote work arrangements. Our Feedback Works process includes three managerial check-ins per year to help you progress in your career. Unique learning programs like: Fragomen Academy, Leadership Academy, Practical Management Academy, and Regional Development Conferences.