Search using our robust engine. Get the recommendations you need to get ahead.
Browse through our expansive list of legal practice areas.
Work where you are or where you would like to be. Find where you will work with LawCrossing.
Use our marketplace to feature your opportunity
Start your search today
Set up your account and manage your company profile on LawCrossing
Look through and compare company profiles
Learn from the legal expert
Discover salaries and the scope of your next job
LawCrossing Works Read Testimonials and Share your Story
Carrot Peelers, Sales, Personality and Your Job Search
Law Firm
Legal Staff
Min 10 yrs required
Manager of Information Security Duties: Oversee and manage the firm’s security policies and protocols, incident response program and procedures, including the development and maintenance of a robust security risk management process to assess, evaluate, assign, and remediate security-related risks. Establish and satisfy information assurance and security requirements based upon analyses of client, user, policy, regulatory and resource demands. Make improvement recommendations across the enterprise to manage and mitigate business and security risks while ensuring compliance with applicable laws, standards, policies and client requirements. Perform analysis, design, and development of security features for system architectures. Perform and oversee vulnerability/risk analysis of computer systems, software and applications. Routinely advise the firm about current information security trends, technologies and related regulatory issues. Establish security metrics to baseline, monitor, and report on security effectiveness and progress. Work with vendors to augment and supplement various functions of security program such as penetration tests, vulnerability scans and audits and to ensure compliance with BAA terms and conditions. Work with timekeepers, administrative staff, firm committees and management as necessary to address disaster recovery and business continuity programs, security awareness training programs, client security issues and information requests and any other security-related issues affecting client or firm data. Analyze and promulgate information on emerging cyber threats and actively engage in industry forums.
Qualification and Experience
REQUIREMENTS: Bachelor’s degree in management information systems, information security, information technology, information systems management or closely related field. 10+ years’ experience working in the information technology and security fields with 7+ years’ experience in an information security-related role and 5 years’ or more of management experience pertaining to information security and policy is desired. Technology and security consulting experience is a plus. CISSP, CISA and/or CISM certifications required. Experience developing, implementing, and evaluating IT security standards, procedures, technologies, industry and regulatory/compliance best practices, including specific experience managing large-scale security projects Demonstrated security administration, execution, and documentation experience with enterprise grade network and security infrastructure. Knowledge of techniques for defending networks against broad-based security attacks (e.g., ransom ware, DoS, phishing, SQL injection, etc.) and advanced persistent threats. Hands-on understanding of key security technologies and tools such as encryption, TCP/IP, HTTP, DNS, vulnerability scanning tools, data loss prevention and mobile device management. Demonstrated experience with control frameworks such as ISO, NIST and HIPAA. Expert, hands-on knowledge of and experience with firewalls, intrusion prevention/detection systems, dual-factor authentication, IDS, IPS, e-mail gateways, proxies, endpoint security and SEIM. Outgoing, personable, discrete and capable of being client-facing; able to engender trust. Strong analytical, problem-solving, organizational and planning skills. Common sense required. Must speak concisely and convincingly and write similarly. Results-oriented, self-starters only.
Sign Up Now