Information Security Specialist (GRC) - Foley & Lardner : Job Details

Information Security Specialist (GRC)

Foley & Lardner

Job Location : Chicago, IL, USA

Posted on : 2025-08-05T07:51:49Z

Job Description :

Overview

Foley & Lardner LLP is a great place to work because of what we do and how we do it. Here, your unique perspectives, experiences, and abilities will be embraced and developed, so you can excel. Being a part of Foley means having the opportunities and resources necessary to gain experience, advance professional goals, and forge meaningful connections. It's a place where you can build your career and enjoy professionally satisfying work. We have over 2,300 people who are #HappyatFoley, and we think you will be too.

Foley & Lardner LLP is currently seeking an Information Security Specialist to join our Governance, Risk, and Compliance (GRC) team within our Information Security department. The Specialist will drive efforts to maintain a secure operating environment in compliance with internal and external requirements. They will be responsible for identifying, assessing, tracking, and driving remediation of Information Security risk within the organization. This individual will work in a team environment and liaise between Security, Technology, and the business to achieve these goals.
This may include, but is not limited to, responding to client security inquiries and questionnaires, performing risk assessments against specific technologies, performing third party risk management activities, developing and supporting security awareness and training initiatives, assisting in efforts to maintain ISO 27001 compliance, performing contract review, and enhancing policy and procedure documentation.

Responsibilities

- Update and review Information Security policies and procedures
- Assist with the operation of the firm's third-party risk management program
- Respond to assessment and audit requests from clients
- Coordinate and respond to internal and external assessment requests
- Review information security requirements for both new and existing contractual agreements with outside parties
- Assist with the review of contractual agreements with new, current, and prospective clients
- Update and maintain the firm's risk management program and risk register
- Document risk exception and risk acceptances in accordance with defined policies and procedures
- Assist in planning for and performing internal and external audits
- Assist in tracking and remediating findings from penetration tests and other risk assessments/audit activities
- Assist with the development of security awareness and training materials
- Assist with ISO surveillance audits, recertification activities, penetration testing activity and internal ISO assessments

Qualifications

- High School Diploma or GED required; Bachelor's degree in Management Information Systems, Information Technology, Computer Science, or related field is strongly preferred
- CISSP, CISA, CRISC, CISM or similar certifications desired
- Minimum of two (2) years of increasingly substantive roles in Information Security Governance, Risk, and Compliance required
- Familiarity with at least one (1) of the following industry frameworks: COBIT, ISO 27001, NIST 800-53, NIST CSF, or equivalent framework required
- Familiarity with information security tools (such as CrowdStrike, ProofPoint, KnowBe4, ZenGRC, Microsoft Defender, etc.) and principles (confidentiality, availability, integrity, least privilege, remediation, security awareness, etc.) required
- Working knowledge of risk management and audit principles
- Foundational knowledge in Azure or cloud deployment, configuration, and security principles
- Understanding and familiarity with security principles within Microsoft Office 365 suite
- Proven and demonstrated communication skills including relationship-building and collaboration skills

In support of transparency and equity in the workplace, Foley provides salary ranges for all positions. The figures below represent the full compensation range of this position. The actual offered amount will be between the range minimum and midpoint based on the following factors: education, experience, geographic market, and internal pay equity at Foley. We are accepting ongoing applications.

Chicago, Dallas, & Denver - $82,700 to $115,800
Washington D.C. - $90,200 to $126,400

Foley offers a comprehensive benefit program which currently includes Paid Time Off; Paid Holidays; Medical, Dental and Vision insurance; 401(k) Retirement; Disability and Life insurance; Adoption Assistance; Backup Care for Dependents.

Affirmative Action/Equal Opportunity Employer/M/F/Vet/Disabled.

About Foley & Lardner

Foley is an Am Law 50 law firm consistently ranked among top-tier practices. With over 1,100 lawyers in 26 offices across the United States, Mexico, Europe, and Asia, our market-leading platform includes Corporate, Intellectual Property, and Litigation. Adding depth to our bench strength, we focus on four primary sectors: Energy, Health Care & Life Sciences, Innovative Technology, and Manufacturing. We look beyond the law to focus on the constantly evolving demands facing our clients and act as trusted business advisors to deliver creative, practical, and effective solutions.
For nearly two centuries, Foley has maintained its commitment to the highest level of innovative legal services and to the stewardship of our people, firm, clients, and the communities we serve. While respecting our roots, we're also continuously looking to modernize all aspects of our business and elevate who we are and what we do, which keeps us focused on the future.

Seniority level : Mid-Senior level
Employment type : Full-time
Job function : Information Technology
Industries : Law Practice
