Cybersecurity Manager

The Cybersecurity Manager will be comfortable both diving into technical details to solve challenges as well as collaborating with others to ensure the analysis informs decision-making and the deployment of secure systems.

The ideal candidate will have hands-on experience attacking and defending IT infrastructure, a deep knowledge of Active Directory and PowerShell scripting, and a track record of assessing risks, prioritizing remediation, and leading those security projects to completion. This role requires a service-focused, curious and creative professional with a passion for evolving trends in cybersecurity, the legal industry and technology. This position provides a unique opportunity to make a real difference within a growing organization.

‍

‍

‍

• Collaborate to develop the vision, strategic plan and prioritization of the firm budget for security and compliance improvements, including verifying business requirements, determining appropriate solutions and associated costs.
• Ensure policies, procedures and compliance obligations are being executed and amend, as necessary, to adhere to the latest legal protocols for information governance, security, and privacy mandates.
• Deliver an exceptional level of service while acting as a primary point of contact for security for all stakeholder groups within the organization to include Attorney Practice Groups, Administration, Human Resources, Accounting, Litigation Support, MB Strategies and MB Consulting.
• Lead security reviews of proposed and existing IT solutions.
• Identify vulnerabilities - assessing risk and business impact - and mitigations across a variety of areas such as IT architecture, software configuration, physical security, vendors and support agreements.
• Take ownership of the monitoring and logging infrastructure (SIEM) to improve alerting and reporting; assist with triage of alerts.
• Lead Incident Response (IR) and Disaster Recovery (DR) planning, training, and exercises.
• Liaison with existing security partners to drive vulnerability scanning, penetration testing, and other security efforts.
• Maintain the confidentiality, integrity, accessibility and legal compliance of all department documents and records, both in paper and electronic formats.
• Conduct ongoing security awareness training to inform workforce member understanding of security requirements.
• Audit and evaluate the implementation of security controls, awareness training, IT solutions, and other process optimization projects.
• Manage record-keeping that informs external requests and audits, monthly performance reports, annual risk assessment reports, and evaluation of cybersecurity policies, processes and controls

‍

• Bachelors’ degree in Information Security, Computer Science, or relevant field is preferred
• Additional education and certifications preferred (ex. CISSP, CISM, CIPP, CEH, CCSP)
• 5+ years of hands-on experience with vulnerability management tools and strong technical understanding and experience assessing vulnerabilities and identifying weaknesses in multiple systems, device configurations, databases and servers – both hardware and software.
• Experience with information security standards and frameworks (e.g. HIPAA, NIST).
• Understanding how to translate technical gaps to business risk is critical for communication in this role.
• Experience working in the Legal Industry or another Professional Services field is a plus.
• Experience with overcoming operational challenges, maximizing technology resources to implement change.
• Excellent interpersonal and communication skills; including the ability to effectively communicate verbally and in-writing at all levels of the organization.
• Ability to work effectively in a collaborative, team-focused environment where every member is willing to pitch in and help others with fluctuating workloads.
• Ability to work independently, effectively time-managing and prioritizing one’s own workload.
• Upbeat and positive attitude with a strong "client first" mindset and well-developed customer service skills.

‍

‍