At Morgan & Morgan, the work we do matters. For millions of Americans, we’re their last line of defense against insurance companies, large corporations or defective goods. From attorneys in all 50 states, to client support staff, creative marketing to operations teams, every member of our firm has a key role to play in the winning fight for consumer rights. Our over 6,000 employees are all united by one mission: For the People.
Senior GRC Analyst
Morgan & Morgan | Risk & Resilience Program
Reports To: Director of Business Continuity
Department: Information Security / Risk & Resilience
Type: Full-Time
The Opportunity
Morgan & Morgan is one of the largest plaintiff law firms in the country — 6,000+ employees, 100+ offices, and a caseload that doesn’t wait. The Risk & Resilience program is in full build mode: governance structure is set, the first BIA is complete, and the frameworks are mapped. What’s missing is execution capacity.
This is not a maintenance role. You’re joining at the ground floor of a GRC program that needs to be built from a standing start — TPRM methodology, policy lifecycle, risk register calibration, awareness program design. You’ll own workstreams end-to-end, not coordinate them. You report directly to the Director of Business Continuity, who owns the GRC function and sets program direction.
If you want to inherit a mature program and tune it, this isn’t for you. If you want to build one — with real ownership, real scope, and a clear path to being the person who shapes how risk is managed across a national law firm — read on.
What You’ll Own
Third-Party Risk Management
Policy Lifecycle
Risk Management
Security Awareness
Audit & Compliance Readiness
Reporting & Program Visibility
Cross-Program Coordination
What We’re Looking For
#LI-MB1
Benefits
Morgan & Morgan is a leading personal injury law firm dedicated to protecting the people, not the powerful. This success starts with our staff. For full-time employees, we offer an excellent benefits package including medical and dental insurance, 401(k) plan, paid time off and paid holidays.
Equal Opportunity Statement
Morgan & Morgan provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
E-Verify
This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. If E-Verify cannot confirm that you are authorized to work, this employer is required to give you written instructions and an opportunity to contact Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you, including terminating your employment. Employers can only use E-Verify once you have accepted a job offer and completed the I-9 Form.
Privacy Policy
Here is a link to Morgan & Morgan's privacy policy.