Information Security Governance and Compliance Manager Minneapolis
Company: MESSERLI & KRAMER
Location: Minneapolis
Posted on: November 6, 2024
Job Description:
Information Security Governance and Compliance
ManagerMinneapolisThis posting is for our Information Security
Governance and Compliance Manager position, based out of the
Minneapolis office.About Messerli KramerFounded in 1965, Messerli
Kramer is a top-20 law firm in Minnesota, with offices in
Minneapolis, St. Paul, and Plymouth, along with satellite offices
in Denver, Milwaukee, and Omaha. We have a well-earned reputation
within the business community of providing sound, reasoned and
comprehensive legal advice. With an emphasis on building lasting
relationships with our clients, our professionals take the time to
listen and understand their legal issues within the larger
framework of their business as a whole.Details/Requirements for the
Information Security Governance and Compliance Manager PositionThe
Information Security Governance & Compliance Manager assists the
Chief Information Security Officer in overseeing the Firm's
Information Security and Governance program and is responsible for
risk-based activities including, designing, developing and
implementing information security policies, procedures, and
standards and monitoring the overall health of the information
security program. This role also ensures the firm complies with
internal policies and external regulations based on our vendor and
client requirements.Essential Functions
- Perform security assessments to determine effectiveness of
implemented security controls.
- Assess the security posture of systems throughout their life
cycle.
- Lead efforts to counter security breaches and anticipate and
reduce future security alerts, incidents, and disasters.
- Assist management in identifying risks and actions to monitor,
remediate & report via the risk register.
- Lead and review third party and supplier risk management
programs and assessments based on each firm division
requirements.
- Implement and support security compliance mandates from client
contractual agreements.
- Write reports and provide insights on the efficacy of the
current security policies, incident responses, disaster recovery
plans, and other security-related information.
- Assist with insurance renewal applications specific to required
security controls and questionnaires.
- Manage and facilitate the IT team's responses to security
questionnaire and security audit reviews received from client
oversight programs.
- Manage and monitor internal self-audit program.
- Monitor and manage response to the vulnerability management
program.
- Monitor and enforce information security policies.
- Assist with outside audit and certification activities
including management of security questionnaires.
- Advise on content section in established computer security
education and awareness programs and design and conduct
training.
- Apply contemporary business principles integral to a high-tech
organization.
- Assist with IT vendor management and partner with vendor IT360
and other managed services partners.
- Assist IT Management to identify security initiatives and the
security budgeting process.
- Solve business and technology challenges.Position
Qualifications
- Accountable - Detail oriented, follows through in all areas of
support services.
- Collaborative - Works and communicates effectively with others
to cooperate and accomplish goals.
- Innovative - Generates new ideas and solutions.
- Quality Conscious - Delivers accuracy and precision in work
products.
- Problem Solver - Uses data and logic to quickly find solutions
to difficult challenges.
- Resourceful - Knows how to get what is needed; supervises time
and workloads for maximum efficiency.
- Results-Driven - Achievement-oriented; pushes self and others
for results.
- Time-Wise - Prioritizes; respects others' time; adheres to
schedules and agendas.
- Lifetime-Learner - Proactively seeks to educate and build new
skills.Skills and Abilities Requested
- Experience working in a regulated environment or legal
experience.
- Experience in GLBA, PCI and SOC compliance environments.
- Familiarity with NIST SP 800 series, ISO/IEC 27000 series, and
similar standards.
- Excellent verbal and written communication skills.
- Ability to work in a high-stress environment.
- Detail oriented with a demonstrated ability to work on multiple
tasks simultaneously.
- Demonstrated ability to remain current on the latest technology
and best practices in information security.Experience RequestedMust
possess 3+ years' experience in information security policy,
security authorization, audit, and technical practice.Education
RequestedB.S. or equivalent in Computer Science, Information
Science & Technology, or related field. CISSP, CISA, or CISM
preferred. Other information security certifications highly
desired.Work EnvironmentOffice suite and remote environment - this
position may travel between three locations, primarily stationed in
Minneapolis. Messerli & Kramer currently offers a hybrid work
environment where a mix of office and work from home hours are
available.BenefitsMesserli Kramer offers a flexible hybrid work
environment. We provide a comprehensive benefits package including
medical, dental, vision, life, disability, 401k retirement
benefits, and other benefits.Messerli Kramer is fully committed to
equality of opportunity in all aspects of employment. It is the
policy of Messerli Kramer to provide equal employment opportunity
to all employees and applicants.
#J-18808-Ljbffr
Keywords: MESSERLI & KRAMER, Eden Prairie , Information Security Governance and Compliance Manager Minneapolis, Executive , Minneapolis, Minnesota
Didn't find what you're looking for? Search again!
Loading more jobs...