Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Davis Polk & Wardwell LLP

Risk and Compliance Analyst

Davis Polk & Wardwell LLP

Risk and Compliance Analyst supporting governance, risk and compliance programs at elite law firm Davis Polk. Managing vendor risk assessments and client security processes with a focus on ISO standards.

Posted 7/10/2026full-timeNew York City • New York • 🇺🇸 United StatesMid-LevelSenior💰 $100,000 - $125,000 per yearWebsite

About the role

Key responsibilities & impact
  • Support and help maintain the Firm’s Information Security Management System (ISMS), including contributing to ISO 27001 compliance and annual recertification efforts.
  • Manage day-to-day execution of the Firm’s client security assessment process, including gathering documentation, tracking questionnaires, and coordinating responses with internal teams.
  • Support third-party vendor risk assessments, including reviewing questionnaires, SOC reports, and supporting security documentation.
  • Assist in conducting internal IT risk assessments by gathering information from business and IT stakeholders to identify risks, document findings, and support development of risk treatment plans.
  • Support disaster recovery (DR) testing activities, including coordination, documentation, and tracking of results and action items.
  • Execute user access recertification processes for standard and privileged accounts, including tracking completion and escalating issues as needed.
  • Track and follow up on remediation efforts related to findings from client assessments, internal audits, penetration tests, and other security reviews.
  • Support the ongoing use of tools supporting vendor risk management and compliance processes.
  • Perform other duties as assigned.

Requirements

What you’ll need
  • Familiarity with ISO 27001 framework, as well as NIST, SOC 2, or similar.
  • Experience responding to client security questionnaires and conducting vendor risk assessments.
  • Strong analytical, organizational, and time management skills with attention to detail.
  • Proven ability to manage multiple priorities and projects simultaneously in a fast-paced environment while consistently meeting deadlines.
  • Excellent verbal, written, and presentation skills, with the ability to communicate effectively with clients, leadership, and cross-functional teams.
  • Strong interpersonal skills with ability to build relationships and interact with individuals at all organizational levels.
  • Ability to work independently, exercise sound judgement, and take initiative while collaborating effectively across teams.
  • Bachelor’s degree required, preferably Business Systems, Information Systems.
  • 3-5 years of experience in IT risk, compliance, audit, or information security.
  • Previous experience in legal services preferred.

Benefits

Comp & perks
  • Competitive salary
  • Comprehensive benefits package

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Information Security Management SystemRisk AssessmentComplianceDocumentationSecurity QuestionnairesDisaster Recovery TestingRemediation TrackingProject ManagementISO 27001 FrameworkNIST
Soft Skills
Organizational SkillsTime ManagementInterpersonal SkillsAttention to DetailJudgment