The Manager of Information Security and Compliance is responsible for developing and maintaining the firm's information security and compliance program to ensure information assets are adequately protected. Specific responsibilities include, but are not limited to, participating in the development of security policies, processes, standards and guidelines; working with firm leaders to facilitate solutions that bring about acceptable levels of residual risk; managing compliance audits; developing and conducting security training; managing security incidents and events; performing internal security audits, and managing other security and risk management projects, as necessary.
The successful candidate will have the following:
' Bachelors Degree in Computer Science, Business or related field required
' Minimum of 7 years information technology experience, including a minimum of 3 years experience in IT security and/or related functions, (e.g., IT audit and IT Risk Management) including a combination of compliance, auditing, and knowledge of ISO 27002 framework.
' Minimum of 4 years of project management experience preferred
' Demonstrated knowledge and understanding of relevant compliance and regulatory requirements
' Demonstrated experience with Information Security controls and related technologies such as intrusion detections systems, vulnerability scanning systems, authentication systems, Windows systems, application level security, network flow-based monitoring tools and distributed denial of service mitigation methodologies
' Proficient understanding of IP network design/operation in both LAN and global WAN environment and experience with information security internal and external audits, contract compliance, and quality initiatives
' Certification of Information Systems Security Professional (CISSP), Certified information Systems Auditor (CISA), Certified Information Security Manager (CISM) or similar credentials required
' Strong verbal and written communication skills
' Strong analytical ability and problem solving skills
' Ability to work effectively in a team-oriented IT environment
' Ability to work independently
' Demonstrated ability to manage multiple projects
The successful candidate must also have flexibility in the work schedule to respond to scheduled maintenance events and/or off hour issue resolution.
Morgan, Lewis & Bockius LLP is an Equal Opportunity Employer. M/F/D/V
Morgan Lewis - 10 months ago
Long a leading Philadelphia law firm, Morgan, Lewis & Bockius these days extends its reach well beyond the City of Brotherly Love. The...