Reports to Chief Technology Officer and Chief Product Officer, Porzio Life Sciences
We are looking for a cybersecurity manager to join our team. In this role, you will operate independently and as part of a team to develop and enforce cybersecurity standards and protocols throughout our organizations. This position leads the development and maintenance of security governance processes, and is responsible for ensuring the protection of all information assets, including technology-based products, from loss, disclosure, alteration, destruction, and unavailability. The CyberSecurity Manager will closely collaborate with the law firm and its three subsidiaries to implement and execute policies, procedures, standards, baselines, and controls.
- Communicate Risks to Executive Management: The CyberSecurity Manager is responsible for understanding the business objectives of the organization. With this understanding, the CyberSecurity Manager will perform risk assessments of the environment, and subsequently communicate these risks to executive management.
- Budget for Information Security Activities: The CyberSecurity Manager, with the Chief Technology Officer, will prepare a budget to manage the information security program and will ensure that information security is included in the Information Technology budgets.
- Ensure Development of Policies, Procedures, Baselines, Standards and Guidelines: The CyberSecurity Manager will be responsible for ensuring that the security policies, procedures, baselines, standards, and guidelines that address Porzio's information security requirements are created, presented to the Privacy Officer and Chief Technology Officer to be formalized, implemented in the environment, and enforced.
- Manage Certification Processes: The CyberSecurity Manager will manage the ISO 27001 certification process and may manage the process for certifying Porzio Life Sciences to other standards as well.
- Provide Security Awareness Program: The CyberSecurity Manager will provide leadership and input to the information security awareness program by ensuring that the training and awareness programs are delivered in a meaningful, understandable way to the intended audience.
- Understand Business Objectives: The success of the CyberSecurity Manager depends on a clear understanding of the law firm and its subsidiaries' vision, mission, objectives/goals and plans, and the ability to implement security initiatives in accordance with these objectives.
- Maintain Awareness of Emerging Threats and Vulnerabilities: The threat environment is constantly changing, and as such, it is the CyberSecurity Manager’s responsibility to keep up with these changes.
- Evaluate Security Incidents and Response: The CyberSecurity Manager must have the necessary skills to evaluate security incidents, provide the proper responses to such incidents, and closely collaborate with the Porzio IT team when responding to such incidents.
- Maintain and Improve Security Compliance Program: The CyberSecurity Manager will perform periodic compliance checks through internal or external inspection, to ensure that procedures, checklists, and baselines are documented and properly followed.
- Establish Security Metrics: The CyberSecurity Manager will design and collect measurements to assess the adequacy of existing security controls, improve these controls when necessary, and provide this information to the Executive Management.
- Ensure Compliance with Government Regulations: The CyberSecurity Manager must be aware of emerging regulatory developments to enable the organization to respond in a timely manner.
- Collaborate with the IT and Product Teams: The CyberSecurity Manager must closely collaborate with other teams to ensure that all security initiatives implemented by IT Services are equally applied to the Porzio environment.
- Emerging Technologies: The CyberSecurity Manager must stay on top of emerging technologies to ensure that appropriate solutions are in place for the organization.
- Provide responses to client RFPs and audits as related to IT security.
EDUCATION, EXPERIENCE, AND OTHER REQUIREMENTS
- Bachelor's Degree required – preferably in computer science
- Relevant certifications desirable (CISSP, CISM)
- Maintain level of systems knowledge by attending webinars, seminars, and ongoing training
- Communicate regularly to CTO and CPO
- Must provide proof of COVID-19 vaccination
We are an equal opportunity employer. Women and minorities are encouraged to apply.