The Director of Information Security reports to the Chief Information Officer (CIO) and is responsible for information security policy assessments, enforcing compliance with firm security policies and applicable law, vendor management and security incident management. Working with the firm’s Information Technology teams, including Network Operations, Customer Experience, Practice Services and Research, the Director of Information Security will help develop, manage, audit and enforce security related policies and procedures throughout the firm’s enterprise on premise and cloud systems.
Required Knowledge, Skills And Abilities
Admin-level knowledge of Windows system administration and Active Directory.
Knowledge of network security principals, best practices and industry standards.
Knowledge of security models that maintain and enforce security policies.
Expert understanding of cloud controls and environments, a strong foundation in IT solutions deployment and practical understanding of IT security compliance, risk management and information security principles including access control, network security, information security architecture, information security operations, and leading practices and associated tools in a cloud environment are critical.
Experience with IT security, compliance, risk and privacy frameworks such as ISO 27001, NIST 800-53, HIPAA, GDPR, CCPA.
Knowledge of security tools and concepts including: IDS/IPS; SIEM; Web Proxy; Encryption; Patch management; Vulnerability Scanning & Remediation; Forensics; Penetration Testing; DLP; Email Gateways; Anti-spam Services; MDM; Privileged Account Management; Log Analytics; Two Factor Authentication; Single Sign On.
Individual must possess excellent communication and interpersonal skills with a high degree of empathy and emotional intelligence, be self-motivated with the ability to manage and prioritize multiple deliverables to meet deadlines and demonstrate proven success delivering results individually and as part of a team in a fast-paced, demanding, growth environment.
Job Competencies / Success Factors
Client-service orientation
Pro-active problem solving
Strong communication skills
Work ethic and teamwork
Leadership skills
Interpersonal skills
Qualifications
4+ years of experience working in an Information Security management role.
CISSP certification
Project management experience preferred
Previous law firm experience highly desired
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology
Industries
Business Consulting and Services
Referrals increase your chances of interviewing at JBA International by 2x