• Compliance Analyst

    Dentons US LLP (Chicago, IL)


    Compliance Analyst

     

    Chicago, IL, USPhoenix, AZ, USAtlanta, GA, USKansas City, MO, USWashington DC, DC, USDallas, TX, US

     

    Oct 28, 2025

     

    Dentons US LLP is currently recruiting for a Compliance Analyst. The Compliance Analyst coordinates governance and compliance activities with stakeholders across the business. Core duties include cross-functional support for legal services and related systems, implementing risk management initiatives, and ensuring client and administrative data is handled according to ethical, legal, and contractual standards.

    Responsibilities

    + Review client information security requirements, questionnaires, and assessments; prepare responses and supporting artifacts.

    + Develop and manage an evidence collection calendar for CMMC & SOC 2 Type 2 testing periods; coordinate collection, validation, and retention of evidence demonstrating operating effectiveness.

    + Maintain and continuously enhance a control matrix mapping NIST/ISO control framework, SOC 2 Trust Services Criteria (TSC), CMMC practices, and client requirements.

    + Help develop, maintain, evaluate, and implement policies and procedures aligned to business requirements and legislative changes (e.g., ISO 27001/22301, HIPAA), and extend/align them to SOC 2 Type 2 and CMMC requirements where applicable.

    + Maintain an inventory of improvement opportunities and action items; prepare periodic reports on trends and compliance posture across ISO/NIST/SOC 2/CMMC domains.

    + Maintain governance inventories such as client security notification requirements and regulatory/contractual obligations.

    + Review and track ad hoc client notifications and requests related to information security (e.g., vulnerability notifications, ad hoc control validation requests).

    + Collaborate with Risk Management and IT on implementation and ongoing operation of security controls required by clients and security frameworks (e.g., access restrictions, logging/monitoring, vulnerability management, change/configuration management).

    + Assist with the Third-Party Risk Management (TPRM) program; enhance vendor and cloud service provider inventories; collect and evaluate risk artifacts such as SOC 2 reports and supply chain assurances; track and remediate vendor risks.

    + Perform other duties as assigned based on the ongoing evolution of the Information Security program and client/regulatory requirements, including continued maturation of SOC 2 and CMMC compliance capabilities.

    Experience & Qualifications

    + Minimum of 3 years’ experience in an Information Security or Security Compliance role.

    + Demonstrated understanding of information security controls, governance principles, and standards/frameworks such as SOC 2 and CMMC.

    + Hands-on experience coordinating at least one full SOC 2 Type 2 examination cycle, including scoping, control mapping to AICPA TSC, evidence collection across an audit period, system description support, auditor engagement, exception management, and remediation tracking.

    + Practical experience implementing or assessing NIST SP 800-171 controls and building/maintaining SSPs and POA&Ms; familiarity with CMMC 2.0 levels (with emphasis on Level 2), DFARS clauses, SPRS scoring, and C3PAO readiness activities.

    + Experience with GRC or evidence management tools to map controls, manage testing, track issues, and produce audit-ready evidence.

    + Strong written and oral communication skills; ability to translate technical controls into business language and prepare clear, complete audit responses.

    + Ability to prioritize and work effectively under deadlines; capable of working independently and collaboratively across legal, IT, risk, procurement, and client teams.

    + Strong critical thinking, analytical, and problem-solving skills; demonstrates continuous improvement mindset and proactive collaboration.

    + Knowledge of cross-border regulations, such as GDPR and EU data privacy rules, is a plus.

    + Industry certifications such as CISSP, CISA, CISM, CRISC are a plus.

     

    Salary

     

    Chicago Only DOE:$73,760 - $94,000

     

    Washington DC Only DOE: $75,280 - $96,000

     

    Dentons US LLP offers a competitive salary and benefits package including medical, dental, vision, 401k, profit sharing, short-term/long-term disability, life insurance, tuition reimbursement, paid time off, paid holidays and discretionary bonuses.

     

    _Dentons US LLP is an Equal Opportunity Employer - Disability/Vet. Pursuant to local ordinances, we will consider for employment qualified applicants with arrest and conviction records._

     

    _If you need any assistance seeking a job opportunity at Dentons US, LLP, or if you need reasonable accommodation with the application process, please call our Talent Acquisition Specialist at +1 314 259 5898 or contact us at [email protected]._

     

    About Dentons

     

    Redefining possibilities. Together, everywhere. For more information visit www.dentons.com

     

    **Nearest Major Market:** Chicago