Foley & Lardner

Information Security Specialist (GRC)

Foley & Lardner, Denver, Colorado, United States, 80285

Overview

Foley & Lardner LLP is a great place to work because of what we do and how we do it. Here, your unique perspectives, experiences, and abilities will be embraced and developed, so you can excel. Being a part of Foley means having the opportunities and resources necessary to gain experience, advance professional goals, and forge meaningful connections. It's a place where you can build your career and enjoy professionally satisfying work. We have over 2,300 people who are #HappyatFoley, and we think you will be too.

Foley & Lardner LLP is currently seeking an Information Security Specialist to join our Governance, Risk, and Compliance (GRC) team within our Information Security department. The Specialist will drive efforts to maintain a secure operating environment in compliance with internal and external requirements. They will be responsible for identifying, assessing, tracking, and driving remediation of Information Security risk within the organization. This individual will work in a team environment and liaise between Security, Technology, and the business to achieve these goals. This may include, but is not limited to, responding to client security inquiries and questionnaires, performing risk assessments against specific technologies, performing third party risk management activities, developing and supporting security awareness and training initiatives, assisting in efforts to maintain ISO27001 compliance, performing contract review, and enhancing policy and procedure documentation.

Responsibilities

- Update and review Information Security policies and procedures
- Assist with the operation of the firm's third-party risk management program
- Respond to assessment and audit requests from clients
- Coordinate and respond to internal and external assessment requests
- Review information security requirements for both new and existing contractual agreements with outside parties
- Assist with the review of contractual agreements with new, current, and prospective clients
- Update and maintain the firm's risk management program and risk register
- Document risk exceptions and risk acceptances in accordance with defined policies and procedures
- Assist in planning for and performing internal and external audits
- Assist in tracking and remediating findings from penetration tests and other risk assessments/audit activities
- Assist with the development of security awareness and training materials
- Assist with ISO surveillance audits, recertification activities, penetration testing activity and internal ISO assessments

Qualifications

- High School Diploma or GED required; Bachelor's degree in Management Information Systems, Information Technology, Computer Science, or related field is strongly preferred
- CISSP, CISA, CRISC, CISM or similar certifications desired
- Minimum of two (2) years of increasingly substantive roles in Information Security Governance, Risk, and Compliance required
- Familiarity with at least one (1) of the following industry frameworks: COBIT, ISO 27001, NIST 800-53, NIST CSF, or equivalent framework required
- Familiarity with information security tools (such as CrowdStrike, ProofPoint, KnowBe4, ZenGRC, Microsoft Defender, etc.) and principles (confidentiality, availability, integrity, least privilege, remediation, security awareness, etc.) required
- Working knowledge of risk management and audit principles
- Foundational knowledge in Azure or cloud deployment, configuration, and security principles
- Understanding and familiarity with security principles within Microsoft Office 365 suite
- Proven and demonstrated communication skills including relationship-building and collaboration skills

In support of transparency and equity in the workplace, Foley provides salary ranges for all positions. The figures below represent the full compensation range of this position. The actual offered amount will be between the range minimum and midpoint based on the following factors: education, experience, geographic market, and internal pay equity at Foley. We are accepting ongoing applications.

Chicago, Dallas, & Denver - $82,700 to $115,800

Washington D.C. - $90,200 to $126,400

Foley offers a comprehensive benefit program which currently includes Paid Time Off; Paid Holidays; Medical, Dental and Vision insurance; 401(k) Retirement; Disability and Life insurance; Adoption Assistance; Backup Care for Dependents.

Affirmative Action/Equal Opportunity Employer/M/F/Vet/Disabled.

About Foley & Lardner

Foley is an Am Law 50 law firm consistently ranked among top-tier practices. With over 1,100 lawyers in 26 offices across the United States, Mexico, Europe, and Asia, our market-leading platform includes Corporate, Intellectual Property, and Litigation. Adding depth to our bench strength, we focus on four primary sectors: Energy, Health Care & Life Sciences, Innovative Technology, and Manufacturing. We look beyond the law to focus on the constantly evolving demands facing our clients and act as trusted business advisors to deliver creative, practical, and effective solutions.

For nearly two centuries, Foley has maintained its commitment to the highest level of innovative legal services and to the stewardship of our people, firm, clients, and the communities we serve. While respecting our roots, we're also continuously looking to modernize all aspects of our business and elevate who we are and what we do, which keeps us focused on the future.

Seniority level: Mid-Senior level

Employment type: Full-time

Job function: Information Technology

Industries: Law Practice
