Ogletree Deakins is one of the largest labor and employment law firms representing management in all types of employment-related legal matters. The firm has 800 lawyers located in 52 offices across the United States, Canada, Europe and Mexico. Ogletree Deakins has been named a Law Firm of the Year six consecutive years by U.S. News – Best Lawyers® “Best Law Firms.” In 2017, the publication named Ogletree Deakins its “Law Firm of the Year” in the Labor Law - Management category. In addition to handling labor and employment law matters, the firm has thriving practices focused on business immigration, employee benefits, and workplace safety and health law. Ogletree Deakins represents a diverse range of clients, from small businesses to Fortune 50 companies.
Our Greenville, SC administrative office has an opportunity for an Information Security Senior Manager to join the firm’s expanding Technology Department.
We are fully committed to the importance of diversity within the legal profession, as well as all workplace environments and strongly encourage the interest of diverse candidates in the firm.
Summary of Position:
The Senior Manager of Information Security will coordinate, develop, evaluate, implement, and administer security programs and policies. Responsible for ensuring IT security is applied to the technology infrastructure and information within our environment in accordance with established policies, procedures and standards. Manages all aspects of Information Security, Data Privacy Compliance, Information Governance Coordination and Information Risk Auditing, including Client Audits, Internal, External, and Vendor.
Successful job applicants will be able to perform these essential functions with or without requested reasonable accommodations:
- Develops, documents and implements information security procedures to enforce compliance with information security standards and policies.
- Oversees and manages the Firm incident response program and procedures.
- Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
- Performs analysis, design, and development of security features for system architectures.
- Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.
- Performs and oversees vulnerability/risk analysis of computer systems and applications during all phases of the system development lifecycle.
- Review and provide a Risk Assessment evaluation regarding the implementation of operating system software and applications.
- Develop and maintain a robust security risk management process to thoroughly and accurately assess, evaluate, assign, and remediate security related risks.
- Advise the organization with current data and trends about information security technologies and related regulatory issues. Includes analysis and proposal of security products and services to determine and implement best risk management environment.
- Work with system administrators to evaluate adherence to security policies and guidelines.
- Serve as technical adviser for projects and provides technical support on matters related to information security and monitors the internal control systems to ensure that appropriate security is maintained.
- Establish security metrics to baseline, monitor, and report on security effectiveness and progress.
- Work with external security vendors to augment and supplement various functions of the security program such as penetration tests, vulnerability scans, and general audits.
- Work with various departments, attorneys, and stakeholders regarding the processing and submission of security questionnaires and responses to potential client Requests for Proposals.
- Work with Technology Department Director, Senior Managers, and staff as a stakeholder and advisor for Disaster Recovery and Business Continuity programs.
- Work with various firm stakeholders in the development, maintenance, execution, and effectiveness of the firm’s Security Awareness Program.
- Oversees direct reports for the purpose of supervision, direction, and task management. Conducts evaluations and performance reviews.
- Analyze and review information on emerging cyber threats and actively engage in industry forums on threats and opportunities.
- Make improvement recommendations to managers at all levels to ensure compliance with laws, standards and policies while managing and mitigating business and security risks.