Dentons is the world's largest law firm, delivering quality and value to clients around the globe.
10,000+
April 24
• Conduct risk assessments of the company's IT systems, processes, and data, and analyze efficiency of existing security controls, identify vulnerabilities and gaps in risk treatments
• Respond to customer information security questionnaires and provide evidence of the company's security posture and compliance
• Review client and suppliers' agreements in the parts pertaining to information security and ensure compliance with policies and regulations
• Perform third-party supplier risk assessments and ensure that they meet the company's security standards and contractual obligations
• Develop and update security policies, procedures, and guidelines and ensure they align with the company's objectives, clients, and regulatory requirements
• Provide security awareness and training to the company's staff and stakeholders
• Monitor and report on the company's security performance and compliance status and recommend corrective actions and improvements
• Maintain documentation of compliance activities, including policies, procedures, risk assessments, and audit reports
• Assist internal and external assessments and audits to ensure compliance with client requirements and industry-specific regulations such as GDPR, SOX, etc.
• Provide guidance and support to business practices on information security-related matters, including data classification, access control, etc.
• Research and stay updated on the latest laws and regulations, security trends, threats, and best practices

• At least two years of experience in IT risk management, audit, or compliance focused role in information security
• Knowledge of security frameworks, standards, and regulations, such as ISO 27001, NIST, GDPR, SOX etc.
• Knowledge of one or more risk management frameworks, knowledge of quantified risk management frameworks is preferred
• Understanding of information security principles and practices, proficiency in information security tools and techniques with the ability to identify and mitigate security risks
• Strong analytical, problem-solving, and decision-making skills
• Excellent communication and interpersonal skills, ability to convey complex information security and risk concepts to non-technical audiences
• Ability to work independently and collaboratively in a challenging fast-paced and dynamic environment
• Certifications such as CISSP, CISA, CRISC are a plus, but not required

• 11 paid holidays
• Generous Accrued Time Off increasing with years of service
• Generous paid sick time
• Annual day of service