Download App | FOLLOW US ON SOCIAL MEDIA
 Upload Your Resume   Employers / Post Jobs 

Legal Staff Other in Chicago, IL

Jenner & Block, L.L.P. Jan 15,2018 Mar 29,2017 Location USA Chicago IL
This job is expired...

Law Firm

Legal Staff

Min 5 yrs required

Profile

Information Security Policy/Audit Analyst Duties: Develops, tests, documents, evaluates, tracks and improves information security controls for all information technology resources, applications and security protocols. Creates and documents security policies, procedures and protocols as required. Implements security audit guidelines and workflow process, testing the capability, reliability and effectiveness of the firm’s security systems, applications, protocols and procedures. Collaborates with appropriate stakeholders to document and implement necessary policies and procedures to comply with ISO 27001 standards and to obtain certification. Works with security and departmental subject matter experts to develop and document a practical business continuity plan designed to ensure ongoing business viability. Works with appropriate personnel to respond to client generated security assessments. Performs necessary security engineering tasks as a backup for other security team members.

Qualification and Experience

Qualifications: Undergraduate degree in computer science, information technology or equivalent work experience. 5+ years in an information security role, preferably in a law firm or other environment involving critical data and confidentiality management requirements. Experience working with enterprise security technologies, including IDS/IPS systems and firewalls (CheckPoint experience preferred), antivirus, enterprise vulnerability scanning and testing, data at rest encryption technologies, and related technologies used to secure electronic data in the enterprise. Experience in performing auditing and other testing of security controls, developing audit plans and procedures, and reporting the results of such audits. Experience in security policy writing/development, security education, network penetration testing, application vulnerability assessments, risk analysis and compliance testing. CISSP, CISM, CRISC, CISA, GIAC, or other security certifications desired. Knowledge of information security controls and standards, particularly ISO 27001/27002 and NIST 800-53, rules and regulations related to information security and data confidentiality (e.g., HIPAA) and desktop, server, application, database, network security principles for risk identification and analysis. Strong analytical and problem solving skills. Excellent communication (oral, written, presentation), interpersonal and consultative skills. Able to work independently, self-directed.

Company info