Manager of Information Security

Company: Polsinelli
Location: Kansas City
Posted on: January 23, 2025

Job Description:

Job Category: Information Technology (IT)Requisition Number: MANAG001255Apply now

• Posted: December 11, 2024
• Full-TimeLocationsBirmingham, AL; Boston, MA; Chattanooga, TN; Chicago, IL; Charleston, SC; Denver, CO; Edwardsville, IL; Houston, TX; Jefferson City, MO; Los Angeles, CA; Miami, FL; New York, NY; Phoenix, AZ; Seattle, WA; Salt Lake City, UT; St. Louis, MO; Wilmington, DE; Washington DCAt Polsinelli, What a Law firm Should Be, is not just our tagline, it is what we live every day. We strive to create an environment where our team members are encouraged to bring their creativity and professional passions into the workplace so they can thrive. Are you a people person who has a keen eye for detail, thrives in a professional environment and wants to be part of a dynamic team? We have the perfect role for an engaging professional like you! Polsinelli is seeking a Manager Information Security. Reporting to the Director of Security, this role can be hired as remote or hybrid, provided the candidate is in a state/jurisdiction wherein we practice.CORE RESPONSIBILITIES
  • Takes a leadership role in training/mentoring junior members of the team.
  • Takes a leadership role in helping the Firm maintain its ISO 27001 information security and ISO 27701 privacy certifications.
  • Leads the Outside Counsel Guidelines, client security questionnaires processes and client audits.
  • Performs the annual business impact assessment and business continuity planning.
  • Assumes a leadership role in continuing to maintain our incident response readiness.
  • Collects and documents evidence of compliance with applicable policies, procedures, and regulations.
  • Maintains policies and procedures to ensure risks are identified and mitigated as the technology environment changes.
  • Collaborates with key stakeholders to document technology processes and controls.
  • Tests, reviews, analyzes, and recommends updates to controls in technology procedures.
  • Evaluates security plans and procedures for technical and non-technical sufficiency.
  • Facilitates external audits by collecting requested evidence, analyzing requirements, and coordinating overall response.
  • Identifies improvements that will strengthen the efficiency and effectiveness of compliance initiatives.
  • Maintains documentation of, and reports on, status of compliance activities.
  • Analyzes business impact/exposure of emerging security threats, vulnerabilities and risks.
  • Articulates the security agenda as a member of project teams.
  • Participates in third-party risk assessment and management processes.
  • Coordinates with IT staff as necessary to implement security procedures to mitigate risks.
  • Monitors information security controls and processes for effectiveness.
  • Documents and reviews information security requirements.
  • Reviews and classifies security events in accordance with established procedures.
  • Assumes additional information security responsibilities as assigned.
  • Manages the Third-Party Risk Management Program.
  • Develop documentation for standard operating procedures.
  • Knowledge of security frameworks like: CSF, ISO, MITRE and NIST.
  • Experience with establishing a zero-trust environment.Data Protection and Data Privacy
    • Assists with the development of data protection and data privacy policies and procedures.
    • Assists management and attorneys in identifying and containing risks relating to data protection and data privacy.
    • Assists management with responses to partner requests and other internal and external requests relating to data protection and data privacy.Data and Records Lifecycle Management
      • Researches and assists with the implementation of new and existing records retention periods.
      • Proposes new and improved workflows for client and administrative records retention review.
      • Ensures proper information security controls are in place for client and firm data.
      • Maintains current and accurate recordkeeping of user and management requests and approvals, and business justifications for approved user exceptions.
      • Perform access/identity audits.ExperienceExperience with the following technologies is expected:
        • Beyond Trust
        • Cloud storage solutions
        • CrowdStrike
        • Microsoft
        • Mimecast
        • SCCM
        • Lansweeper
        • TenableCertifications
          • Any of the following certifications would be a plus: CISSP, CISM, CISA, Security+Technical and Skill Requirements:
            • Excellent communication, collaboration, and customer service skills
            • Excellent time management and organization skills
            • Motivated by curiosity, ingenuity, and a desire to learn and grow.
            • At least 5 - 10 years of experience in Information SecurityPolsinelli PC is an Equal Opportunity Employer, and all qualified applicants will receive consideration for employment without regard to gender identity and expression, race, color, religion, sex, national origin, sexual orientation, age, disability, ancestry, marital status, military or veteran status, or any other characteristic protected by law.The budgeted salary range for this position is $135,000 - $165,000.As part of full-time employment associated with this position, Polsinelli PC offers the following benefits: Paid time off, sick time off, a referral program, medical insurance and benefits, dental insurance, vision insurance, life insurance, AD&D insurance, ID Theft insurance, long-term disability benefits, short-term disability benefits, Parking/Transit reimbursement (varies depending on location), 401(k) benefits, and employee assistance benefits.
              #J-18808-Ljbffr

Keywords: Polsinelli, Kansas City , Manager of Information Security, Executive , Kansas City, Kansas