Technology Cyber Security Operations Manager

Technology Cyber Security Operations Manager

Cooley is seeking a Technology Cyber Security Operations Manager to join the Information Services team.

Working hours: 1pm to 9pm

Cooley Technology embraces a culture of customer service excellence and all members of the department are expected to move this agenda forward. To that end, the Technology Cyber Security Operations Manager is expected to recognize that the Cooley Technology department is a service organization first and foremost and will be evaluated on this requirement equal in importance to the technical or operational responsibilities outlined later in this document.

• Manage and lead the Technology Cyber Security Team to maintain and monitor the security policies, practices, and systems implemented by the firm
• Review, analyze and monitor security system reports and logs for suspicious activities, trends and patterns. This includes but is not limited to SIEM, web filters, mail gateways, firewalls, encryption systems, anti-malware systems, IDS/IPS
• Provide leadership, guidance, task prioritization, mentoring and annual reviews to the Technology Cyber Security team members
• Develop and monitor Technology security metrics and present security status to Technology management
• Advise Technology management on selection and use of realistic enforcement mechanisms
• Identify and document threats and vulnerabilities that may impact the business and address them regularly with business units
• Develop access control models and roles
• Recommend controls for on-premise and cloud systems to ensure the appropriate level of protection and adherence to the goals of the overall information security strategy
• Develop, implement and lead Security Incident Response teams and troubleshooting efforts on all Technology security related problems
• Provide consultation on any internal investigation that may require forensic analysis
• Develop and execute a firmwide Technology security awareness program; provide on-going communications to staff regarding threats and mitigation steps; develop/execute technical training to Technology staff on security policies/products; track attendance and progress
• Respond to audit findings and present remediation steps to Technology management
• Lead testing of installed systems to ensure protection strategies are properly implemented and functioning as intended
• Provide security analysis on firmwide system changes to the Change Control Board and Architecture Review Board
• Evaluate and recommend commercial security vendors and products. Present the firm with outside vendors and recommend new products/technology to improve security and address business needs
• Work with vendors to put in place acceptable service and response agreements consistent with product and service SLA and response time during security incidents
• Build and maintain TAM relationships with key security providers
• Participate in security and legal forums and organizations to learn new ideas to solve problems
• Serve as direct supervisor and mentor to direct reports
• Provide day-to-day supervision of direct reports, ensure compliance with assigned work hours and monitor for compliance with all firm and department policies. Manage staffing coverage, review and process time logs/time off requests
• Support business professional development and continued educational opportunities
• In collaboration with immediate supervisor and CN HR, participate in hiring, performance appraisals, counseling, termination and other employee lifecycle events
• All other duties as assigned or required

• After orientation at Cooley LLP, exhibit proficiency in the Microsoft Office suite, iManage and other firm applications
• Ability to work extended and/or weekend hours, as required
• Ability to travel, as required
• 5+ years of relevant work experience in information security
• CISSP or equivalent certifications and/or experience
• Proven practical experience in information security and well-rounded knowledge of IT
• Experience working with teams responsible for and working on:
• Cisco routing/switching equipment
• Active Directory and NTFS
• Firewalls
• Intrusion Detection and Prevention Systems
• Antivirus programs and management console
• Web filter/proxy technologies
• Encryption technologies - whole disk, e-mail, and data at rest
• Patch management systems
• Vulnerability scanners
• Forensic tools
• Penetration testing tools
• Data loss prevention
• Email gateways and anti-spam services
• Mobile device management
• Privileged account management systems
• Security information and event management systems
• Two factor authentication systems
• M365 and Microsoft's cloud security suite
• Demonstrated experience evaluating the security posture of vendors and system architecture
• Prior experience implementing and managing incident management programs and systems
• Prior experience managing vendor relationships
• Project management experience
• Participate in a 7x24 on-call rotation

• Prior law firm experience
• Bachelor's degree in Information Technology or Computer…