This job posting is no longer available
IG Compliance & Security Analyst
Cooley LLP
- Chicago, Illinois, United States
About
Position summary
Cooley Information Services (IS) embraces a culture of customer service excellence and all members of the department are expected to move this agenda forward. To that end, the IG Compliance & Security Analyst is expected to recognize that the Cooley IS Department is a service organization first and foremost and will be evaluated on this requirement equal in importance to the technical or operational responsibilities outlined later in this document.
Position responsibilities
Conduct both internal and external audits to ensure compliance with all industry-mandated regulations
Work on compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures
Monitor activities of assigned IS areas to ensure compliance with internal policies and standards
Participate in the development and implementation of new business initiatives to ensure functionality required to support compliance
Provide guidance to business functions on compliance/security-related matters
Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings
Conduct/support periodic risk assessments and develop appropriate mitigation plans in support of deliverables
Conduct formal risk assessment reviews to determine the critical points of business exposure
Evaluate and recommend commercial governance, risk and compliance vendors and tools
Maintain the firm's ISO 27001 certification
Maintain the firm's governance, risk and compliance tools
Answer client assessments and audits to ensure firm compliance
Perform assessments and audits of vendors to ensure compliance with firm security policies and procedures
Develop and maintain metrics that assess the firm's governance, risk and compliance initiatives
Assess and track the firm's compliance with existing and future global regulations in privacy and security
Assess and track the firm's compliance with standard security frameworks such as ISO and NIST
Assist in the identification of risks, threats and vulnerabilities to the firm
Track risks and mitigation efforts
Participate in governance, risk and compliance forums and organizations to learn new ideas to solve problems
Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change
Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status
Perform periodic security risk assessments and advise business stakeholders on best practices to reduce risk and overall breach profile
All other duties as assigned or required
Skills and Experience Required
Ability to work extended and/or weekend hours, as required
Ability to travel, as required
3+ years' experience in governance, risk and compliance (GRC) processes, solutions, information security and auditing; Eligible for consideration of Senior designation with 5+ years' directly applicable work experience
CISSP or equivalent certifications and/or experience
Demonstrated ability to apply IS-related knowledge and experience in solving compliance issues
Background in security controls, auditing, network and system security
Proven practical experience in information security and well-rounded knowledge of IST
Experience with managing and implementing ISO 27001 or NIST compliance
Demonstrated experience evaluating the security posture of vendors and system architecture
Prior experience implementing and running incident management programs and systems
Prior experience handling vendor relationships
Project management experience
Preferred
Bachelor's degree in Information Technology or Computer Information Systems
Prior law firm experience
Desired certifications: PCIP, ISA/QSA, CISSP, CISA, CISM, and related GIAC
Experience acting in an independent audit function
Experience implementing GDPR, HIPAA, SOC 2 audits
Additional security certifications
Competencies
Exceptional customer service skills
Ability to express technical concepts in business terms
Able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently
Excellent analytical, problem-solving and project management skills
Ability to balance security best practices with business objectives
Proven track record of excellent decision-making, integrity and working with IS management, business users and staff
Excellent oral and written communication skills, including technical and user documentation
Detail-oriented with strong organizational skills
Ability to work independently and under high pressure with tight schedules and deadlines
Ability to interact well with all levels of staff
Excellent active listening skills
Ambitious and motivated team player
Capable of grasping new concepts quickly and without prior experience
Ability to interact and coordinate with several teams to achieve objectives
Ability to solve problems independently and simultaneously, effectively managing multiple tasks
Professional demeanor at all times
Cooley offers a competitive compensation and excellent benefits package and is committed to fair and equitable employment practices.
EOE.
The expected annual pay range for this position with a full-time schedule is $88,000 - $124,000. Please note that final offer amount will be dependent on geographic location, applicable experience and skillset of the candidate. Senior level candidates may be considered for this position and would be eligible for a higher salary range based on experience.
We offer a full range of elective benefits including medical, health savings account (with applicable medical plan), dental, vision, health and/or dependent care flexible spending accounts, pre-tax commuter benefits, life insurance, AD&D, long-term care coverage, backup care for children and/or adults and other parental support benefits. In addition to elective benefit options, benefited employees receive firm-paid life insurance, AD&D, LTD, short term medical benefits as well as 21 days of Paid Time Off ("PTO") and 10 paid holidays each year. We provide generous parental leave and fertility benefits. New employees will attend a detailed benefit orientation to learn more about our many benefits and resources.
Language skills
- English