Manager of Information Security
$135,000 - $165,000/Yr
Polsinelli P.C - Kansas City, MO
posted 25 days ago
Full-time - Manager
Kansas City, MO
Professional, Scientific, and Technical Services
About the position
The Manager of Information Security at Polsinelli PC is responsible for leading the firm's information security initiatives, ensuring compliance with ISO standards, and managing the Third-Party Risk Management Program. This role involves mentoring junior team members, conducting audits, and collaborating with stakeholders to enhance security measures. The position can be remote or hybrid, depending on the candidate's location.
Responsibilities
- Takes a leadership role in training/mentoring junior members of the team.
- Helps maintain ISO 27001 information security and ISO 27701 privacy certifications.
- Leads the Outside Counsel Guidelines, client security questionnaires processes, and client audits.
- Performs the annual business impact assessment and business continuity planning.
- Maintains incident response readiness and compliance documentation.
- Collaborates with stakeholders to document technology processes and controls.
- Tests, reviews, analyzes, and recommends updates to technology controls.
- Facilitates external audits by collecting evidence and coordinating responses.
- Identifies improvements to enhance compliance initiatives.
- Analyzes business impact of emerging security threats and vulnerabilities.
- Participates in third-party risk assessment and management processes.
- Coordinates with IT staff to implement security procedures.
- Monitors information security controls and processes for effectiveness.
- Documents and reviews information security requirements.
- Reviews and classifies security events according to established procedures.
- Manages the Third-Party Risk Management Program.
Requirements
- Bachelor's degree in Information Security or related field.
- 5-10 years of experience in Information Security.
- Certified Information Systems Auditor (CISA) or similar certification.
- CISSP or CISM certification preferred.
- Experience with Azure, SCCM, and other security technologies.
- Knowledge of NIST standards and ISO 27001.
Nice-to-haves
- Experience with data protection and data privacy policies.
- Familiarity with security frameworks like CSF, ISO, MITRE, and NIST.
- Excellent communication and customer service skills.
Benefits
- Paid time off
- Sick time off
- Referral program
- Medical insurance
- Dental insurance
- Vision insurance
- Life insurance
- AD&D insurance
- ID Theft insurance
- Long-term disability benefits
- Short-term disability benefits
- Parking/Transit reimbursement
- 401(k) benefits
- Employee assistance benefits
