Talent.com
Cyber Security Compliance Manager - ISO 27001

Blue Bridge People • Boston, MA, US
Job type
  • Full-time
  • Permanent

This range is provided by Blue Bridge People. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.

Base pay range

$155,000.00 / yr - $175,000.00 / yr

Additional compensation types

Annual Bonus

This is a direct hire role that would sit 2-3 days a week in the client's Boston or Washington DC offices.

About the Role:

We are seeking an experienced Information Security Compliance Manager with a background in professional services or law firm environments to lead compliance initiatives and oversee security audits. This role requires extensive expertise in ISO 27001 audits and will be a key driver in ensuring the firm's security policies and risk management processes align with regulatory and client requirements. Working closely with the Director of Information Security, the selected candidate will play a strategic leadership role in safeguarding the firm's data and technology infrastructure while maintaining compliance with client-mandated security standards.

Key Responsibilities:

  • Approve risk decisions and policy exceptions in coordination with the Director of Information Security, ensuring alignment with the firm's security strategy.
  • Supervise the Cyber Security Compliance Analyst, guiding risk assessments, vulnerability management, security process audits, and compliance reporting.
  • Lead and oversee ISO 27001 audits, including internal assessments and firm-wide compliance efforts.
  • Manage client-driven cybersecurity audits and ensure adherence to security-related Outside Counsel Guidelines (OCGs).
  • Support information security governance within system development, covering production acceptance, change management, user administration, security logging, and secure workflow processes.
  • Administer the firm's application security review process, ensuring new technology services comply with security policies.
  • Monitor and enhance security incident response processes, prioritizing and addressing security threats effectively.
  • Lead enterprise-wide security projects, implementing best-in-class security protections to safeguard firm and client data.
  • Act as a trusted cybersecurity advisor, fostering a culture of security awareness across the firm.
  • Provide professional client service, ensuring internal and external stakeholders receive clear, proactive communication regarding security policies and initiatives.
  • Take on additional responsibilities as needed to support the firm's security and compliance objectives.

What You Will Bring:

  • Extensive experience with ISO 27001 audits and other major cybersecurity frameworks (NIST, SOC 2, etc.), preferably in a law firm or professional services environment
  • Strong technical background in security risk management, compliance, and regulatory requirements for the legal industry.
  • Hands-on experience with cybersecurity tools, security logging, risk analysis, vulnerability management, and governance frameworks
  • Proficiency in network security, databases, and enterprise system operations
  • Exceptional ability to analyze risks, anticipate obstacles, and develop strategic security solutions
  • Proven leadership experience in managing security teams and projects, with strong decision-making and communication skills.
  • Ability to influence senior leadership and collaborate with cross-functional teams on security compliance initiatives.

Required Qualifications:

  • Bachelor's Degree in Cybersecurity, Computer Science, or a related technical field
  • Security certification preferred (CISSP, CISM, CRISC, or equivalent)
  • Minimum 5 years of experience supporting information security in a law firm or professional services environment
  • Supervisory experience within a cybersecurity organization

Seniority level: Mid-Senior level

Employment type: Full-time

Job function: Information Technology

Industries: Business Consulting and Services
