Technology Security Auditor
The primary responsibilities of this position are auditing Firm systems and processes for compliance with the standards set by firm management, making recommendations for securing firm data systems, and assisting in securing of the Firm’s network, servers, desktops and laptops. This position will stay informed of security risks, threats and requirements facing the firm and assist in developing policies, strategies, training, and systems to protect firm systems. Conduct regular audits of all firm systems for vulnerabilities and to ensure compliance with the standards set out by the Firm’s Information Security Management Team. Audit results, along with recommendations for correcting any vulnerabilities discovered, will then be reported to IT management. And keep abreast of risks and vulnerabilities and communicate with the Director of Cybersecurity and appropriate personnel to ensure compliance with policies. This position will also assist the Director of Cybersecurity in responding to client security audits and security questions posed by clients and potential clients.
JOB DUTIES AND RESPONSIBILITIES
- Recommend measures to secure firm data systems
- Assist IT staff in securing the systems and devices that fall under their area of responsibility
- Conduct internal security audits to verify that the security procedures and measures required by IT and firm management are met
- Recommend corrective action for any security issues identified
- Advise IT management on changing security threats and requirements
- Provide second tier support to the firm’s Help Desk and other IT staff as needed
- Monitor and maintain security solutions
- Collaborate with network and server administrators to ensure efficient and secure operations
- Provide or assist in drafting documentation on risks, vulnerabilities, and noncompliance issues
- Assist in responding to client security audits, questionnaires and security related questions found in RFPs
- Travel and work overtime as necessary
- Demonstrate strong organizational, as well as verbal and written skills
- Perform other duties as assigned
- High School education or equivalent
- Bachelor’s degree given preference
- At least five years’ experience with computer software and hardware to include networking, server, desktop, and cloud systems in an information security role
- Understanding of antivirus, encryption, security patching, VPN, SSL, and basic endpoint, server and network security principles
- Experience maintaining and utilizing a vulnerability management system
- GSEC, Security+, CISA, SSCP, or equivalent will be preferred
Complexity of Decisions
- Ability to work unsupervised
- Energetic team player
- Attention to detail
- Ability to deal with computer and software vendors through resolution of issues
- Normal effort of general office work typically including bending, moving and lifting up to 25 pounds
Contact with Others
- Excellent interpersonal communications skills to interact with executives and all employees
No recruiter calls at this time.
Kutak Rock LLP is an Equal Opportunity/Affirmative Action Employer committed to sustaining a culturally and ethnically diverse working environment and to principles that promote inclusive practices. All qualified applicants receive consideration for employment without regard to race, color, creed, ancestry, national origin, religion, sex, age, marital status, domestic partner status, pregnancy, caregiver status, gender stereotyping, sexual orientation, gender identity, genetic information, AIDS/HIV status, handicap or disability, or status as a Vietnam era or special disabled veteran, or any other legally protected category. The firm will provide reasonable accommodation for individuals protected by Section 503 of Rehabilitation Act of 1973, the Vietnam Era Veterans’ Readjustment Assistance Act of 1974, and Title I of the Americans with Disabilities Act of 1990. Applicants requiring accommodation in the job application process should contact the Human Resources Department at 402-346-6000 or by emailing HRDepartment@KutakRock.com.
Kutak Rock LLP does not accept unsolicited referrals or resumes through our website from any source other than directly from candidates. We will not consider unsolicited referrals and/or resumes from vendors through our website including and without limitation, search firms, staffing agencies, fee-based referral services and recruiting agencies. Unsolicited referrals and resumes sent to Kutak Rock LLP are deemed gratuitous, and the firm will not be obligated or bound in any way to pay any referral or other fee if a person referred to us through our website is hired from a source other than from the candidate.