Information Security and Risk Manager #28777

Salary: $100K - $115K

5+ years of experience in network/systems administration and 2+ years in security; CISSP, CISA, GIAC or other related information security certifications required

Expertise in Microsoft back office (AD, Exchange, Azure, M365, Intune, PowerShell scripting); specifically experience migrating from on-prem to cloud, VMware vSphere, Cisco UCM/Call Manager/Jabber, and Fortinet firewalls and VPN

Do you have solid knowledge of risk management frameworks to implement strategies to mitigate prioritized risks? If so, a leading Boston law firm is looking to hire an Information Security and Risk Manager. Apply to be responsible for the maintenance of a firm-wide Information Security program that ensures the availability, integrity, and confidentiality of the firm’s information assets.

Responsibilities

  • Manage systems and practices to protect client, employee and firm information
  • Establish and maintain data security strategies and programs
  • Conduct risk assessments to evaluate the effectiveness of existing controls
  • Investigate and remediate threats
  • Monitor, investigate and resolve alerts escalated by third-party SIEM provider (Rapid7)
  • Provide technical guidance and recommendations for new products and services
  • Develop and implement IT security policies, standards, procedures and protocols
  • Conduct penetration testing and vulnerability scans and coordinate remediation
  • Create and promote a high degree of data security awareness in the firm and coordinate annual firm-wide security awareness training
  • Participate in the maintenance of the firm’s Disaster Recovery and Business Continuity Plan
  • Ensure all security policies and procedures are kept current
  • Gather documentation/technical information in support of audit requests and issue remediation efforts
  • Stay current with applicable government regulations and requirements
  • Enforce current best practices across all aspects of data security

Requirements

  • Bachelor's Degree in Computer Science, Information Security, or related field
  • 5+ years of experience in network/systems administration and 2+ years in security
  • CISSP, CISA, GIAC or other related information security certifications
  • Expertise in Microsoft back office (AD, Exchange, Azure, M365, Intune, PowerShell scripting); specifically experience migrating from on-prem to cloud, VMware vSphere, Cisco UCM/Call Manager/Jabber, and Fortinet firewalls and VPN
  • Understanding of security concepts, encryption, system hardening, defense-in-depth designs, advanced persistent threats, anomaly detection and next-generation technologies
  • Able to clear government security checks as applicable
  • Demonstrate strong problem solving, analytical, interpersonal, and ownership skills
  • Possess excellent collaboration skills for work with various internal team members
  • Knowledge of a variety of security tools

Categories: Direct Hire | Information Technology Jobs; Region: Metro Boston - Massachusetts
