Compliance and Security Admin
Apply NowCompany: Polsinelli
Location: Birmingham, AL 35242
Description:
At Polsinelli, What a Law Firm Should Be, is not just our tagline, it is what we live every day. We strive to create an environment where our team members are encouraged to bring their creativity and professional passions into the workplace so that they can thrive. Are you a people person who has a keen eye for detail, thrives in a professional environment and wants to be part of a dynamic team? We have the perfect role for an engaging professional like you! Polsinelli is seeking a Compliance & Security Administrator. Reporting to the Director of Information Security, this role can be hired as remote or hybrid, provided the candidate is in a state/jurisdiction wherein we practice.
CORE RESPONSIBILITIES
SPECIFIC TOOLS
The budgeted salary range for this position is $75,000 - $95,000.
As part of full-time employment associated with this position, Polsinelli PC offers the following benefits: Paid time off, sick time off, a referral program, medical insurance and benefits, dental insurance, vision insurance, life insurance, AD&D insurance, ID Theft insurance, long-term disability benefits, short-term disability benefits, Parking/Transit reimbursement (varies depending on location), 401(k) benefits, and employee assistance benefits.
Polsinelli PC is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, or any other characteristic protected by law.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
CORE RESPONSIBILITIES
- Collects and documents evidence of compliance with applicable policies, procedures, and regulations.
- Maintains policies and procedures to ensure risks are identified and mitigated as the technology environment changes.
- Assists in the review and completion of client requests (e.g. outside counsel guidelines and questionnaires).
- Collaborates with key stakeholders to document technology processes and controls.
- Tests, reviews, analyzes, and recommends updates to controls in technology procedures.
- Facilitates external audits by collecting requested evidence, analyzing requirements, and coordinating overall response.
- Identifies improvements that will strengthen the efficiency and effectiveness of compliance initiatives.
- Maintains documentation of, and reports on, status of compliance activities.
- Analyzes business impact/exposure of emerging security threats, vulnerabilities and risks.
- Coordinates with internal stakeholders to deliver security awareness messages and other messages as required.
- Articulates the security agenda as a member of project teams.
- Participates in third-party (vendor) risk assessment and management processes.
- Coordinates with IT staff as necessary to implement security procedures to mitigate risks.
- Documents and reviews information security requirements.
- Assist with the capture of evidence to support our ISO 27001 information security certification.
- Assists in the development of business continuity plans.
- Assumes additional information security responsibilities as assigned.
- Employees approved for flexible work arrangements are expected to be available and maintain a practice of reliable, consistent attendance at all times during the employees scheduled work shift including, but not limited to, instant message, Teams, Zoom, email and voicemail, and by phone.
SPECIFIC TOOLS
- Data Loss Prevention (Forcepoint, Microsoft Purview, Netskope)
- Document Management System (iManage, NetDocuments)
- Endpoint Detection Response (Crowdstrike, Microsoft Defender)
- Help Desk (Fresh Service, ServiceNow)
- Identity Access Management (Microsoft Active Directory, Okta)
- Privilege Account Management (Beyond Trust, CyberArc)
- Project Management (Planner, Monday.com)
- Vulnerability Management (Qualys, Rapid7, Tenable)
The budgeted salary range for this position is $75,000 - $95,000.
As part of full-time employment associated with this position, Polsinelli PC offers the following benefits: Paid time off, sick time off, a referral program, medical insurance and benefits, dental insurance, vision insurance, life insurance, AD&D insurance, ID Theft insurance, long-term disability benefits, short-term disability benefits, Parking/Transit reimbursement (varies depending on location), 401(k) benefits, and employee assistance benefits.
Polsinelli PC is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, or any other characteristic protected by law.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)