Senior Risk and Contract Analyst
3 years ago

The IT Governance and Risk Analyst will report to the EVP, Information Security and will have several governance-oriented responsibilities. Primary duties will be the evaluation and negotiation of IT requirements ("Contractual Terms") within master service agreements (MSA), RFPs / RFIs, statements of work (SOW), Data Processing Addendums (DPAs), and Technical and Organizational Measures (TOMs) ("Contracts"). Additionally, this role will be responsible for IT policy and procedure documentation and support for litigation matters.

Responsibilities

  • Evaluate, edit, and negotiate the Contract Documentation.

  • Engage with business and legal teams to assess compliance and technical / business risks with Contractual Terms.

  • Periodic contract negotiation as it relates to technical and regulatory components of client and/or vendor Contracts.

  • Manage work queue and participate in 3rd party audit requests from clients and work with external audit teams to complete security assessments of DJE Holdings' information security program.

  • Initiate and manage supplier risk assessment with Edelman vendors.

  • Manage the third-party annual assessments and system testing engagements.

  • Coordinate remediation of risks identified in annual assessments, system tests, vendor assessments, and client assessments, and negotiate dates for remediation to be complete.

  • Track and report progress on remediation of identified risks and vulnerabilities and provide appropriate reporting to constituents and Edelman IT Leadership.

  • Work with the Edelman legal department to respond to subpoenas and eDiscovery requests for litigation matters.

  • Regularly create, update and amend DJE Holdings policy and procedure documentation to reflect changes in business requirements, IT infrastructure / operations or regulatory mandates.

  • May represent and/or present on behalf of the security team on projects and other workgroups / committees.

  • May act as lead for special projects within the DJE Holdings Information Security program.

Qualifications

  • Bachelor's degree in business, computer science, related technical field or paralegal certificate

  • 4+ years of IT security experience which includes familiarity with security addendums in contracts

  • GLEG, CISSP, CISA or CISM certifications

  • Requires understanding of concepts presented in SANS LEG523

  • Familiarity with data security and privacy compliance standards (such as HIPAA, FISMA, PCI-DSS, CCPA, GDPR, and other pending privacy regulations)

  • Understanding of security frameworks (such as NIST CSF and/or ISO 2700x).

  • Ability to present technical information in a clear and concise manner to nontechnical audiences.

  • Negotiation skills needed to obtain commitments to remediate risks and vulnerabilities from Edelman management and non-Edelman personnel

  • Good understanding of networking, endpoint, server, database and web application systems

  • Strong documentation and analysis skills

  • Very strong communication (oral, written), presentation and negotiation skills

  • High degree of initiative, dependability and ability to work with little supervision.


Edelman is a global communications firm that partners with businesses and organizations to evolve, promote and protect their brands and reputations. Our 6,000 people in more than 60 offices deliver communications strategies that give our clients the confidence to lead and act with certainty, earning the trust of their stakeholders. Our honors include the Cannes Lions Grand Prix for PR; Advertising Age's 2019 A-List; the Holmes Report's 2018 Global Digital Agency of the Year; and, five times, Glassdoor's Best Places to Work. Since our founding in 1952, we have remained an independent, family-run business. Edelman owns specialty companies Edelman Data & Intelligence (DxI) and United Entertainment Group (entertainment, sports, lifestyle).

For more information please visit: www.edelman.com


Employees must be fully vaccinated against COVID-19 (i.e., at least 2 weeks after last dose) and, if hired, present proof of vaccination before start date. Candidates may request an accommodation due to disability, sincerely held religious belief or exception required under applicable law.

Edelman is an equal opportunity employer of all protected classes, including veterans and individuals with disabilities.





