Job Description

Founded in 1965, Messerli Kramer is a well-established full service law firm based in Minneapolis, Minnesota, with other offices in St. Paul and Plymouth, along with a satellite office in Milwaukee. We have a well- earned reputation within the business community of providing sound, reasoned and comprehensive legal advice. With an emphasis on building lasting relationships with our clients, our professionals take the time to listen and understand their legal issues within the larger framework of their business as a whole. Known for our dedication and responsiveness, our attorneys and staff are focused on finding pragmatic solutions and producing remarkable results for our clients.

Messerli Kramer serves individuals and businesses through three unique, yet complementary divisions. We represent a variety of clients across a series of practice groups: Banking and Finance, Business Litigation, Corporate and Estate Planning, Commercial Real Estate, Family Law, Consumer Collections & Creditor's Remedies and Government Relations.

POSITION SUMMARY

This role is onsite/hybrid in downtown Minneapolis.

The Information Security Governance & Compliance Manager assists the Chief Information Security Officer in overseeing the Firm's Information Security and Governance program and is responsible for risk-based activities including, designing, developing and implementing information security policies, procedures, and standards and monitoring the overall health of the information security program. This role also ensures the firm complies with internal policies and external regulations based on our vendor and client requirements. This individual will be assessing and mitigating risks, monitoring compliance with laws and regulations, and developing strategies to enhance firm governance practices. In addition, this position assesses the information security program compliance with policies, procedures, client frameworks, and industry standards; and assists with overall compliance with industry and customer information security requirements such as GLBA(Gramm-Leach Bliley Act), and PCI(Payment Card industry).

ESSENTIAL FUNCTIONS

• Perform security assessments to determine effectiveness of implemented security controls.
• Assess the security posture of systems throughout their life cycle
• Lead efforts to counter security breaches and anticipate and reduce future security alerts, incidents, and disasters.
• Assist management in identifying risks and actions to monitor, remediate & report via the risk register.
• Lead and review third party and supplier risk management programs and assessments based on each firm division requirements.
• Implement and support Plymouth, St. Paul and Minneapolis security compliance mandates from client contractual agreements.
• Write reports and provide insights on the efficacy of the current security policies, incident responses, disaster recovery plans, and other security-related information.
• Assist with Insurance renewal applications specific to required security controls and questionnaires
• Manage and facilitate the IT team's responses to security questionnaire and security audit reviews received from client oversight programs.
• Manage and monitor internal self-audit program
• Monitor and manage response to the vulnerability management program
• Monitor and enforce information security policies
• Assist with outside audit and certification activities including management of security questionnaires
• Advise on content section in established computer security education and awareness programs and design and conduct training ad hoc computer security education
• Apply contemporary business principles integral to a high-tech organization
• Assist with IT vendor management and partner with vendor IT360 and other managed services partners
• Assist IT Management to identify security initiatives and the security budgeting process
• Solve business and technology challenges

POSITION QUALIFICATIONS

• Accountable – Detail oriented, follows through in all areas of support services; accepts and delivers on responsibilities, requires others to follow up and follow through on commitments and responsibilities
• Collaborative – Works and communicate effectively with others to cooperate and accomplish goals
• Innovative – Generates new idea and solutions from self and others
• Quality Conscious – Delivers accuracy and precision in work products, mindful of technical requirements, SLA, rules, and standards
• Problem Solver – Uses data and logic to quickly find solutions to difficult challenges
• Resourceful – Knows how to get what is needed; supervises time and workloads for maximum efficiency
• Results-Driven – Achievement-oriented; achieves and exceeds goals; pushes self and others for results
• Time-Wise – Prioritizes; respects others' time; adheres to schedules and agendas
• Lifetime-Learner – Proactively seeks educate and build new skills

SKILLS & ABILITIES

• Experience working in a regulated environment or legal experience.
• Experience in GLBA, PCI and SOC compliance environments.
• Familiarity with NIST(National Institute of Standards and Technology) SP 800 series, ISO/IEC 27000 series, and similar standards.
• Excellent verbal and written communication skills.
• Ability to work in a high-stress environment.
• Excellent oral, written and interpersonal skills with the ability to influence and work effectively with diverse groups of peers and business partners.
• Detail oriented with a demonstrated ability to work on multiple tasks simultaneously with strong organizational and prioritization skills.
• Demonstrated ability to remain current on the latest technology and best practices in information security.

EXPERIENCE

Must possess 3+ years' experience in information security policy, security authorization, audit, and technical practice.

EDUCATION

B.S. or equivalent in Computer Science, Information Science & Technology, or related field. CISSP, CISA, or CISM preferred. Other information security certifications highly desired.

PHYSICAL DEMANDS

None.

WORK ENVIRONMENT Office suite and remote environment – this position may travel between three locations, Minneapolis, St. Paul, and Plymouth MN, primarily stationed in Minneapolis. Messerli & Kramer currently offers a hybrid work environment where a mix of office and work from home hours are available.

BENEFITS

Messerli Kramer offers a flexible hybrid work environment. We offer competitive salary which includes an annual discretionary bonus based on company results. We provide a comprehensive benefits package including medical (High Deductible and PPO Plan options), dental, vision, life, disability, and 401k retirement benefits and 401K employer contribution. Along with other benefits which include employer (HSA) health savings account contribution, transit and/or a monthly parking reimbursement and onsite gym.

Messerli Kramer is fully committed to equality of opportunity in all aspects of employment. It is the policy of Messerli Kramer to provide equal employment opportunity to all employees and applicants without regard to race, color, religion, national or ethnic origin, military status, veteran status, age, gender, gender identity or expression, sexual orientation, genetic information, physical or mental disability or any other protected status. Reasonable accommodations can be made to enable individuals with disabilities to perform the essential functions.

The company has reviewed this job description to ensure that essential functions and basic duties have been included. It is not intended to be construed as an exhaustive list of all functions, responsibilities, skills and abilities. Additional functions and requirements may be assigned by supervisors as deemed appropriate.

PI94a9664c2178-30492-36102037

Job Tags

Similar Jobs