Information Security Governance and Compliance Manager Minneapolis

Company: MESSERLI & KRAMER
Location: Minneapolis
Posted on: November 6, 2024

Job Description:

Information Security Governance and Compliance ManagerMinneapolisThis posting is for our Information Security Governance and Compliance Manager position, based out of the Minneapolis office.About Messerli KramerFounded in 1965, Messerli Kramer is a top-20 law firm in Minnesota, with offices in Minneapolis, St. Paul, and Plymouth, along with satellite offices in Denver, Milwaukee, and Omaha. We have a well-earned reputation within the business community of providing sound, reasoned and comprehensive legal advice. With an emphasis on building lasting relationships with our clients, our professionals take the time to listen and understand their legal issues within the larger framework of their business as a whole.Details/Requirements for the Information Security Governance and Compliance Manager PositionThe Information Security Governance & Compliance Manager assists the Chief Information Security Officer in overseeing the Firm's Information Security and Governance program and is responsible for risk-based activities including, designing, developing and implementing information security policies, procedures, and standards and monitoring the overall health of the information security program. This role also ensures the firm complies with internal policies and external regulations based on our vendor and client requirements.Essential Functions

• Perform security assessments to determine effectiveness of implemented security controls.
• Assess the security posture of systems throughout their life cycle.
• Lead efforts to counter security breaches and anticipate and reduce future security alerts, incidents, and disasters.
• Assist management in identifying risks and actions to monitor, remediate & report via the risk register.
• Lead and review third party and supplier risk management programs and assessments based on each firm division requirements.
• Implement and support security compliance mandates from client contractual agreements.
• Write reports and provide insights on the efficacy of the current security policies, incident responses, disaster recovery plans, and other security-related information.
• Assist with insurance renewal applications specific to required security controls and questionnaires.
• Manage and facilitate the IT team's responses to security questionnaire and security audit reviews received from client oversight programs.
• Manage and monitor internal self-audit program.
• Monitor and manage response to the vulnerability management program.
• Monitor and enforce information security policies.
• Assist with outside audit and certification activities including management of security questionnaires.
• Advise on content section in established computer security education and awareness programs and design and conduct training.
• Apply contemporary business principles integral to a high-tech organization.
• Assist with IT vendor management and partner with vendor IT360 and other managed services partners.
• Assist IT Management to identify security initiatives and the security budgeting process.
• Solve business and technology challenges.Position Qualifications
  • Accountable - Detail oriented, follows through in all areas of support services.
  • Collaborative - Works and communicates effectively with others to cooperate and accomplish goals.
  • Innovative - Generates new ideas and solutions.
  • Quality Conscious - Delivers accuracy and precision in work products.
  • Problem Solver - Uses data and logic to quickly find solutions to difficult challenges.
  • Resourceful - Knows how to get what is needed; supervises time and workloads for maximum efficiency.
  • Results-Driven - Achievement-oriented; pushes self and others for results.
  • Time-Wise - Prioritizes; respects others' time; adheres to schedules and agendas.
  • Lifetime-Learner - Proactively seeks to educate and build new skills.Skills and Abilities Requested
    • Experience working in a regulated environment or legal experience.
    • Experience in GLBA, PCI and SOC compliance environments.
    • Familiarity with NIST SP 800 series, ISO/IEC 27000 series, and similar standards.
    • Excellent verbal and written communication skills.
    • Ability to work in a high-stress environment.
    • Detail oriented with a demonstrated ability to work on multiple tasks simultaneously.
    • Demonstrated ability to remain current on the latest technology and best practices in information security.Experience RequestedMust possess 3+ years' experience in information security policy, security authorization, audit, and technical practice.Education RequestedB.S. or equivalent in Computer Science, Information Science & Technology, or related field. CISSP, CISA, or CISM preferred. Other information security certifications highly desired.Work EnvironmentOffice suite and remote environment - this position may travel between three locations, primarily stationed in Minneapolis. Messerli & Kramer currently offers a hybrid work environment where a mix of office and work from home hours are available.BenefitsMesserli Kramer offers a flexible hybrid work environment. We provide a comprehensive benefits package including medical, dental, vision, life, disability, 401k retirement benefits, and other benefits.Messerli Kramer is fully committed to equality of opportunity in all aspects of employment. It is the policy of Messerli Kramer to provide equal employment opportunity to all employees and applicants.
      #J-18808-Ljbffr

Keywords: MESSERLI & KRAMER, St. Paul , Information Security Governance and Compliance Manager Minneapolis, Executive , Minneapolis, Minnesota