Ogletree Deakins is one of the largest labor and employment law firms representing management in all types of employment-related legal matters. The firm has 800 lawyers located in 52 offices across the United States, Canada, Europe and Mexico. Ogletree Deakins has been named a Law Firm of the Year six consecutive years by U.S. News – Best Lawyers® “Best Law Firms.” In 2017, the publication named Ogletree Deakins its “Law Firm of the Year” in the Labor Law - Management category. In addition to handling labor and employment law matters, the firm has thriving practices focused on business immigration, employee benefits, and workplace safety and health law. Ogletree Deakins represents a diverse range of clients, from small businesses to Fortune 50 companies.
Our Greenville, SC administrative office has an opportunity for an Information Security Senior Manager to join the firm’s expanding Technology Department.
We are fully committed to the importance of diversity within the legal profession, as well as all workplace environments and strongly encourage the interest of diverse candidates in the firm.
Summary of Position:
The Senior Manager of Information Security will coordinate, develop, evaluate, implement, and administer security programs and policies. Responsible for ensuring IT security is applied to the technology infrastructure and information within our environment in accordance with established policies, procedures and standards. Manages all aspects of Information Security, Data Privacy Compliance, Information Governance Coordination and Information Risk Auditing, including Client Audits, Internal, External, and Vendor.
Successful job applicants will be able to perform these essential functions with or without requested reasonable accommodations:
Develops, documents and implements information security procedures to enforce compliance with information security standards and policies.
Oversees and manages the Firm incident response program and procedures.
Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
Performs analysis, design, and development of security features for system architectures.
Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.
Performs and oversees vulnerability/risk analysis of computer systems and applications during all phases of the system development lifecycle.
Review and provide a Risk Assessment evaluation regarding the implementation of operating system software and applications.
Develop and maintain a robust security risk management process to thoroughly and accurately assess, evaluate, assign, and remediate security related risks.
Advise the organization with current data and trends about information security technologies and related regulatory issues. Includes analysis and proposal of security products and services to determine and implement best risk management environment.
Work with system administrators to evaluate adherence to security policies and guidelines.
Serve as technical adviser for projects and provides technical support on matters related to information security and monitors the internal control systems to ensure that appropriate security is maintained.
Establish security metrics to baseline, monitor, and report on security effectiveness and progress.
Work with external security vendors to augment and supplement various functions of the security program such as penetration tests, vulnerability scans, and general audits.
Work with various departments, attorneys, and stakeholders regarding the processing and submission of security questionnaires and responses to potential client Requests for Proposals.
Work with Technology Department Director, Senior Managers, and staff as a stakeholder and advisor for Disaster Recovery and Business Continuity programs.
Work with various firm stakeholders in the development, maintenance, execution, and effectiveness of the firm’s Security Awareness Program.
Oversees direct reports for the purpose of supervision, direction, and task management. Conducts evaluations and performance reviews.
Analyze and review information on emerging cyber threats and actively engage in industry forums on threats and opportunities.
Make improvement recommendations to managers at all levels to ensure compliance with laws, standards and policies while managing and mitigating business and security risks.
Bachelor's degree in Management Information Systems, Information Security, Information Technology, Information Systems Management, or related field preferred.
7+ years of experience in an Information Security related role with at least 5 years of experience in a management capacity relating to information security and policy.
CISSP and/or CISA certifications required.
Experience developing, implementing, and evaluating IT security standards, procedures, industry and regulatory/compliance best practices.
Demonstrated security administration, execution, and documentation experience with enterprise grade network and security infrastructure.
Understanding of key security technologies such as encryption, TCP/IP, HTTP, DNS, web application security, data loss prevention, mobile device management, etc.
Strong familiarity with control frameworks (e.g., ISO, COBIT, JSOX and NIST).
Expert knowledge and experience with following technologies : Firewalls, Intrusion Prevention/Detection Systems, Dual-factor Authentication, Endpoint Security and Security Information and Event Management Tools
Experience establishing and maintaining a roadmap, including improvements to existing capabilities and new opportunities.
Demonstrated knowledge of vulnerability scanning tools.
Exposure to techniques for defending networks against broad-based security attacks and Advanced Persistent Threat factors.
Practical knowledge of network protocols.
Familiar with common security tools such as IDS, IPS, Firewalls, E-mail gateways, Proxies, etc.
Experience with structured SE process such as SDLC, including requirements analysis and development of required work products.
Proven ability to establish, maintain, and administer an effective security program at the enterprise level.
Proven ability to collaborate and coordinate with all levels of management and leadership.
Ogletree Deakins offers a robust suite of benefits for our Staff including: Paid Time Off, Sick Time, a 401K matching program, Profit Sharing, 9 Paid Holidays, affordable Health and Life Insurance including Dental & Vision coverage, Health Savings Account (HSA)/Flexible Spending Accounts (FSAs) to help offset the cost of dependent care and/or health care expenses, Teladoc (24/7 access to a doctor by phone or online video), Tuition Reimbursement and an EAP Program.
Equal Opportunity Employer.
We are not working with outside recruiters for this position.
Ogletree Deakins is one of the largest labor and employment law firms representing management in all types of employment-related legal matters. The firm has a reputation for legal excellence and responsive client service. Ogletree Deakins' labor and employment practice is complemented and supported by related practice groups in the areas of business immigration, litigation, employee benefits, occu...pational safety and health, and construction law.
With offices throughout the United States and in Europe, Canada, and Mexico, the firm represents a diverse range of clients. Our depth of experience in labor and employment law has produced a successful track record for our clients - Fortune 50 corporations to start-up companies.
Although the size and scope of our practice has grown over the past quarter century, our core values remain constant. We are committed to personalized attention, innovative solutions and old-fashioned hard work.
Our approach to providing clients with the resources to solve today's business challenges is always forward-thinking and strategic. We remain committed to providing our clients with an insider's view of the workplace issues of the day.