Experience Inc. Jobs

JOB REQUIREMENTS: Information Security Risk Specialist US-IL-Chicago \| US-WI-Milwaukee \| US-Washington DC \| US-TX-Dallas \| US-MA-Boston \| US-UT-Salt Lake City \| US-FL-Tampa \| US-CO-Denver ID 2024-3105 Category Information Technology/Security Type Regular Full-Time FLSA Status Exempt Scheduled Hours 40+ Workplace Hybrid Overview Foley & Lardner LLP is looking for an Information Security Specialist to join our Information Security Governance, Risk, and Compliance (GRC) team. The GRC team drives efforts to maintain a secure operating environment in compliance with internal and external requirements, and is responsible for the identification, assessment, tracking, and remediation of information security risk within the organization. The Security Specialist will work in a team environment and liaise with cross-functional partners to achieve these efforts.This may include, but is not limited to, responding to external security inquiries and questionnaires, performing risk assessments against specific technologies, performing third party risk management activities, assisting in efforts to maintain ISO 27001 compliance, and enhancing policy and procedure documentation. Responsibilities Update and maintain the firm\'s risk management program and risk register; document risk exception and risk acceptances in accordance with defined policies and procedures Facilitate examinations by security assessors and auditors for compliance obligations, such as ISO 27001, and other external requirements Support the firm\'s third party risk management program, including vendor assessments and review of contractual security requirements Track and drive the remediation of findings from assessment and audit activities Update and review security policies and procedures Develop and enhance security awareness and training materials and activities Perform access reviews across key logical and physical systems within the organization Respond to tickets and alerts escalated to the GRC team Work closely with security operations and architecture teams to align and improve information security practices Qualifications Minimum of two (2) years of experience within the GRC domain, such as audit, risk management, and security policy management High School Diploma/GED required; Bachelor\'s DegreeinCybersecurity, Management Information Systems, Information Technology, or related field desired (relevant work experience may be considered in lieu of a degree) Familiarity with industry frameworks, such as ISO 27001, NIST 800-53, or NIST CSF strongly preferred Professional security certifications (e.g., CISSP, CISA, CRISC, etc.) a plus Strong communication and relationship building skills; ability to articulate complex security concepts to both technical and non-technical audiences required Foley offers a comprehensive benefit... For full info follow application link. Affirmative Action/Equal Opportunity Employer/M/F/Vet/Disabled. ***** APPLICATION INSTRUCTIONS: Apply Online: ipc.us/t/46AC22B9FF8542AF Qualified females, minorities, and special disabled veterans and other veterans are encouraged to apply.