Legal Staff Information Technology in Los Angeles, CA

Law Firm

Los Angeles, CA

Legal Staff Information Technology in Los Angeles, CA

Legal Staff

5-8 yrs required

No

Job Title: Senior IT Security Engineer, Governance Risk & Compliance, Data Protection and Privacy Support

Job Responsibilities:

The Senior IT Security Engineer, Governance Risk & Compliance, Data Protection and Privacy Support, plays a pivotal role within the law firm's IT Security team. This position is crucial for ensuring the firm meets its security objectives and regulatory requirements while maintaining robust data protection and privacy standards. Key responsibilities of this position include:

Governance, Risk & Compliance Leadership:
- Lead the creation and maintenance of enterprise security documents, including policies, standards, baselines, guidelines, and procedures, under the guidance of the IT Security Manager.
- Oversee the planning, design, testing, and maintenance of the firm's Incident Response Plan, ensuring alignment with Governance, Risk & Compliance (GRC) objectives.
- Drive the planning, implementation, and maintenance of the firm's ISO 27001 Certification program.
- Lead client audits and third-party supplier security assessments, ensuring thorough evaluation and compliance with security standards.
- Guide the strategic planning and design of the firm's enterprise security architecture, focusing on GRC requirements.

Data Protection and Privacy Support:
- Develop and implement strategies for data protection and privacy, ensuring compliance with regulations such as GDPR and CCPA.
- Collaborate with legal, compliance, and privacy teams to ensure privacy policies and practices align with regulatory requirements.
- Monitor and assess data protection measures, recommending improvements to enhance privacy and security.
- Provide training and support to staff on data protection and privacy best practices.

Expertise in Cybersecurity and Artificial Intelligence:
- Maintain advanced knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and emerging threats.
- Recommend and implement additional security solutions or enhancements to existing security solutions, leveraging Artificial Intelligence where applicable.
- Oversee the deployment, integration, and initial configuration of new security solutions and enhancements, ensuring adherence to GRC standards.

Operational Management:
- Ensure up-to-date baselines for the secure configuration and operations of all in-place devices, ensuring compliance with GRC policies.
- Monitor security solutions for efficient and appropriate operations, focusing on risk management.
- Review logs and reports of in-place devices, interpreting implications for GRC compliance and devising plans for resolution.
- Lead investigations into problematic activity and design and execute vulnerability assessments, penetration tests, and security audits.
- Provide on-call support for end users and other IT staff for security-related issues, ensuring GRC adherence.

Education and Experience Information:

Qualifications:
- 5+ years of experience in configuring and maintaining network security tools.
- Minimum 8 years of experience in information security governance, including policy and procedure development, security assessments, and incident response.
- Proven expertise in Cybersecurity, Data Protection & Integrity, Privacy, and Artificial Intelligence.
- Extensive experience in leading client audits and third-party supplier security assessments.
- Experience in the legal, financial, or business services industries preferred.
- Strong understanding of Access Control Management and familiarity with encryption tools and concepts.

Education & Certifications:
- Bachelor’s degree in computer science, cybersecurity, or a related field; advanced degree preferred, or equivalent work experience.
- Relevant certifications such as CISSP, CISM, CompTIA Security+, CompTIA Network+, Microsoft Certifications, ITIL Foundations.

Leadership Skills:
- Demonstrates outstanding leadership, teamwork, and client service, with the ability to lead security assessments and audits.
- Ability to conform to shifting priorities, demands, and timelines in a high-pressure environment through analytical and problem-solving capabilities.

Communication Skills:
- Translates technical details into descriptions the client can understand; adjusts content of written/verbal communication to the audience.
- Adept at conducting research into security project-related issues and products, with a focus on GRC compliance.

Additional Requirements:
- Ability to adapt to flexible work hours, travel occasionally, and respond to security-related issues on a 24x7 basis.
- Coordinate multiple, simultaneous projects with multiple vendors and other firm personnel in a dynamic, evolving environment.

Salary Information:

Compensation and Benefits:
The expected salary ranges for this position are as follows:
- California Major Markets: $128, - $180,
- New York City: $143, - $180,
- National: $116, - $148,

Additional Information:
The law firm is committed to providing a comprehensive, competitive, and thoughtful total compensation package to attorneys and staff, wherever they work. This compensation and benefits information is based on the firm's estimate at the time of publication and may be modified in the future. The level of pay within the range will depend on various job-related factors, including qualifications, relevant experience or education, particular skills or expertise, and geography. Other compensation may include an annual discretionary merit bonus, determined by firm and individual performance.

The firm offers a full range of elective health benefits, including medical, dental, vision, and life; robust mental well-being programs; child, family, elder, and pet care benefits; short- and long-term disability and industry-leading parental leave benefits, health savings account contributions (with applicable medical plan), flexible spending accounts, and a 401K program. This role will receive compensated time off through the Flexible Time Off program and paid holidays.

The law firm is an Equal Opportunity Employer. Consistent with the SF Fair Chance Ordinance, an arrest and conviction record will not automatically disqualify a qualified applicant from consideration. Qualified applicants with criminal histories will be considered for the position in a manner consistent with the requirements of the Los Angeles Fair Chance Initiative for Hiring.