Cyber Security Risk Analyst
Job Details
Description
Kilpatrick, a large international law firm, is seeking a Cyber Security Risk Analyst for our Information Technology Department in our Atlanta, Chicago, Dallas, Houston, Raleigh or Winston-Salem office.
This position will be part of our team of attorneys, paralegals and support staff providing a high level of service to both internal and external clients.
At Kilpatrick we are one team where each person plays an integral role in serving the needs of our clients. The firm has a strong dedication to its employees, values, diversity and inclusion initiatives and commitment to the community.
This position is responsible for managing and maintaining the firm’s Information Security Management System, in support of the ISO 27001 certification program.
The Cyber Risk Analyst supports information risk management efforts at Kilpatrick and works with risk and remediation owners as it relates to risk treatment options.
The Cyber Risk Analyst will also manage the client security inquiry process at Kilpatrick, which includes responding to client questionnaires and managing client audits.
This position is responsible for maturing Kilpatrick’s vendor risk management program, which will assess third parties from a security and risk perspective based on Kilpatrick’s standards and requirements.
The Cyber Risk Analyst will work closely with various departments across the firm.
ESSENTIAL JOB FUNCTIONS :
Responsible for managing and maintaining the firm’s Information Security Management System, in support of the ISO 27001 certification program.
Including maintaining oversight of all relevant policies, procedures, and control effectiveness.
Support information risk management efforts at Kilpatrick working with risk and remediation owners as it relates to risk treatment options.
Manage key performance and key risk indicators to demonstrate progress and the current risk posture.
- Manage the client security inquiry process at Kilpatrick, including responding to client questionnaires and managing client audits.
- Responsible for maturing Kilpatrick’s vendor risk management program, assessing third parties from a security and risk perspective based on Kilpatrick’s standards and requirements.
KNOWLEDGE / SKILLS REQUIRED :
- Bachelor’s Degree required; BS in Computer Science, Engineering or Business Administration preferred.
- Certifications such as CISSP, CISM, CRISC, CISA, etc. preferred.
- Expertise in IT Governance, Risk, and Compliance
- Expertise in applying reasonable security controls to manage risk while enable business processes.
- Strong familiarity with the ISO 27001 certification efforts and maintaining an ISMS.
- Familiar with measuring KPIs / KRIs.
- Critical thinking skills to address complex problems.
- Demonstrated ability to roll-up their sleeves and help implement solutions.
- Ability to translate and communicate technical security concepts in terms of business risk.
- Ability to support and recommend risk-based decisions.
- Proven analytical and problem-solving abilities.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Good written, oral, and interpersonal communication skills.
- Ability to conduct research into IT security issues and products as required.
- Ability to present ideas in business-friendly and user-friendly language.
- Highly self-motivated and directed.
- Keen attention to detail.
- Team-oriented and skilled in working within a collaborative environment.
This is a full-time, regular position with a multi-faceted health benefit package including medical, dental, and vision.
The firm also offers life insurance, short term disability plans and retirement plans in addition to holidays and paid time off.
The firm offers hybrid work schedules combining in office work days as well as remote work days. The pay range for this position in Atlanta, Chicago, Dallas and Houston only is $117,700 to $176,500 annually, and in North Carolina only is $111,500 to $167,300 annually.
Selected applicants will be contacted. Kilpatrick is an Equal Opportunity
Employer.