at Foley & Lardner LLP in Chicago, Illinois, United States
Job Description
Information Security Risk Specialist
US-IL-Chicago | US-WI-Milwaukee | US-Washington DC | US-TX-Dallas | US-MA-Boston | US-UT-Salt Lake City | US-FL-Tampa | US-CO-Denver
ID
2024-3105
Category
Information Technology/Security
Type
Regular Full-Time
FLSA Status
Exempt
Scheduled Hours
40+
Workplace
Hybrid
Overview
Foley & Lardner LLP is looking for an Information Security Specialist to join our Information Security Governance, Risk, and Compliance (GRC) team. The GRC team drives efforts to maintain a secure operating environment in compliance with internal and external requirements, and is responsible for the identification, assessment, tracking, and remediation of information security risk within the organization.
The Security Specialist will work in a team environment and liaise with cross-functional partners to achieve these efforts.This may include, but is not limited to, responding to external security inquiries and questionnaires, performing risk assessments against specific technologies, performing third party risk management activities, assisting in efforts to maintain ISO 27001 compliance, and enhancing policy and procedure documentation.
Responsibilities
Update and maintain the firm's risk management program and risk register; document risk exception and risk acceptances in accordance with defined policies and procedures
Facilitate examinations by security assessors and auditors for compliance obligations, such as ISO 27001, and other external requirements
Support the firm's third party risk management program, including vendor assessments and review of contractual security requirements
Track and drive the remediation of findings from assessment and audit activities
Update and review security policies and procedures
Develop and enhance security awareness and training materials and activities
Perform access reviews across key logical and physical systems within the organization
Respond to tickets and alerts escalated to the GRC team
Work closely with security operations and architecture teams to align and improve information security practices
Qualifications
Minimum of two (2) years of experience within the GRC domain, such as audit, risk management, and security policy management
High School Diploma/GED required; Bachelor's DegreeinCybersecurity, Management Information Systems, Information Technology, or related field desired (relevant work experience may be considered in lieu of a degree)
Familiarity with industry frameworks, such as ISO 27001, NIST 800-53, or NIST CSF strongly preferred
Professional security certifications (e.g., CISSP, CISA, CRISC, etc.) a plus
Strong communication and relationship building skills; ability to articulate complex security concepts to both technical and non-technical audiences required
Foley offers a comprehensive benefit program which currently includes Paid Time Off; Paid Holidays; Medical, Dental and Vision insurance; 401(k) Retirement; Disability and Life insurance; Adoption Assistance; Backup Care for Dependents. Pursuant to the Colorado Equal Pay for Equal Work Act, the salary range for this Denver based position is between $75,100 - $122,500. These figures represent the full compensation range of this position. The actual offered amount will be determined based on the following factors: education, experience, geographic market, and internal pay equity at Foley. We are accepting ongoing applications.
Foley & Lardner LLP is a top ranked law firm with offices throughout the United States and abroad. At Foley we strive to remain true to our core values- our clients, integrity, our people, citizenship, diversity, trust & respect, stewardship & accountability and professional satisfaction. As a result, we offer the highest quality legal counsel to our clients, as well as outstanding professional opportunities for our employees.
Foley employees enjoy a comfortable, yet professional work environment, exceptional benefit package, state-of-the-art technology, work/life balance, great working relationships and much more.
We invite you to consider a career with Foley.
Affirmative Action/Equal Opportunity Employer/M/F/Vet/Disabled.
