Information Security and Risk Manager #28584

Salary: $100K - $115K

5+ years of experience in network/systems administration and 2+ years in security; CISSP, CISA, GIAC or other related information security certifications required

Do you have solid knowledge of risk management frameworks and experience implementing strategies to mitigate prioritized risks? If so, a leading Boston law firm is looking to hire an Information Security and Risk Manager. Apply to be responsible for the maintenance of a firm-wide Information Security program that ensures the availability, integrity, and confidentiality of the firm’s information assets.


  • Information Security and Risk Manager will manage systems and practices to protect client, employee and firm information
  • Establish and maintain data security strategies and programs
  • Conduct risk assessments to evaluate the effectiveness of existing controls
  • Investigate and remediate threats
  • Monitor, investigate and resolve alerts escalated by third-party SIEM provider (Rapid7)
  • Provide technical guidance and recommendations for new products and services
  • Develop and implement IT security policies, standards, procedures and protocols
  • Conduct penetration testing and vulnerability scans and coordinate remediation
  • Create and promote a high degree of data security awareness in the firm and coordinate annual firm-wide security awareness training
  • Participate in the maintenance of the firm’s Disaster Recovery and Business Continuity Plan
  • Ensure all security policies and procedures are kept current
  • Gather documentation/technical information in support of audit requests and issue remediation efforts
  • Stay current with applicable government regulations and requirements
  • Enforce best and most current practices as they pertain to all aspects of data security


  • Bachelor's Degree in Computer Science, Information Security, or related field
  • 5+ years of experience in network/systems administration and 2+ years in security
  • CISSP, CISA, GIAC or other related information security certifications
  • Understanding of security concepts, encryption, system hardening, defense-in-depth designs, advanced persistent threats, anomaly detection and next-generation technologies
  • Able to clear government security checks as applicable
  • Demonstrate strong problem solving, analytical, interpersonal, and ownership skills
  • Possess excellent collaboration skills for work with various internal team members
  • Knowledge of a variety of security tools

Categories: Direct Hire | Legal Jobs, Direct Hire | Technology Jobs
