Chief Information Security Officer (CISO) - Cleveland, Ohio - Cleveland Ohio

Company: Reminger Co.
Location: Cleveland, Ohio
Posted On: 04/26/2024

Company Overview: Reminger Co., L.P.A. is a dynamic law firm committed to providing excellent legal services to its clients. With a focus on innovation and client satisfaction, we are seeking a highly skilled and motivated Chief Information Security Officer (CISO) to join our team and lead our efforts in maintaining the security and integrity of our information systems.Job Description: As the Chief Information Security Officer (CISO) at Reminger Co., L.P.A., you will be responsible for overseeing all aspects of information security to ensure the confidentiality, integrity, and availability of our data and systems. You will work closely with various teams across the organization to identify and mitigate security risks, implement security best practices, and respond to security incidents in a timely manner. This position reports directly to the executive leadership team.Responsibilities:

• Vulnerability Management and Patching: Identify and prioritize vulnerabilities in our systems and applications. Coordinate and oversee patch management processes to ensure timely deployment of security patches.
• Logscale Review and Alerts: Monitor and analyze logs for suspicious activity. Respond to security alerts and incidents in a timely manner.
• Risk Assessment Questionnaires: Assist in the completion of risk assessment questionnaires from clients and partners. Follow up on identified risks and implement necessary changes to mitigate them.
• Azure Logs Review and Alerts: Monitor Azure logs for signs of unauthorized access or unusual activity. Investigate and respond to at-risk user accounts and unusual sign-ins.
• Firewall and Network Traffic Logs: Monitor firewall and network traffic logs for potential security breaches. Respond to alerts and investigate suspicious network activity.
• MFA Status Check and Activation: Ensure multi-factor authentication (MFA) is enabled for all relevant accounts. Monitor MFA status and activate it as needed.
• User Account Offboarding: Manage the offboarding process for user accounts to prevent unauthorized access.
• CrowdStrike Endpoint Logs and Alerts: Monitor CrowdStrike endpoint logs for signs of malware or other security threats. Respond to alerts and investigate potential security incidents.
• CrowdStrike Identity Protection Logs: Monitor CrowdStrike Identity Protection logs for signs of unauthorized access. Investigate and respond to alerts related to identity-related security threats.
• Security Policy Updates: Develop, update, and communicate security policies and procedures to all employees. Ensure compliance with security policies and regulatory requirements.
• Keeper Account Setup: Set up and manage Keeper accounts for secure password storage.
• Review and Improve Security Policies and Configurations: Periodically review and update security policies and configurations for Azure, Azure apps, firewalls, and CrowdStrike Identity.
• Penetration Testing: Coordinate and oversee penetration testing activities to identify vulnerabilities and weaknesses in our systems.
• Investigation for Suspected Breaches: Conduct thorough investigations in the event of suspected security breaches. Implement remediation measures to mitigate the impact of breaches.
• Stay Up-to-Date with Security Information: Stay informed about the latest security threats, vulnerabilities, and best practices. Monitor sources such as CISA and other relevant security information channels.
• Malicious Email Identification and Removal: Identify and remove malicious emails from mailboxes when detected.
• Mimecast Policy Management: Manage Mimecast policies to enhance email security and prevent spam and phishing attacks.
• Security Awareness Training: Assign and oversee security awareness training videos for all employees.
• DMARC Implementation and Email Security Updates: Implement DMARC (Domain-based Message Authentication, Reporting, and Conformance) to enhance email security. Stay updated on email security best practices and implement necessary updates.
• System Hardening: Ensure systems are hardened according to best practices, including regular backups and privileged access workstation setups.
• Periodic Account Password Changes: Enforce periodic password changes for service and admin accounts to enhance security.Prerequisite Skills:
  • Bachelor's degree in Computer Science, Information Technology, or related field (Master's degree preferred).
  • Minimum of 5 years of experience in information security roles.
  • Strong understanding of cybersecurity principles, practices, and technologies.
  • Experience with vulnerability management tools and processes.
  • Proficiency in log analysis and SIEM (Security Information and Event Management) tools.
  • Familiarity with cloud security principles, particularly Azure.
  • Experience with firewall management and network security.
  • Knowledge of identity and access management principles and technologies.
  • Familiarity with endpoint security solutions such as CrowdStrike.
  • Excellent communication and interpersonal skills.
  • Strong problem-solving and analytical abilities.
  • Relevant certifications such as CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager) preferred.At Reminger Co., L.P.A., we are committed to creating a diverse and inclusive workplace. We encourage applications from candidates of all backgrounds and experiences. If you are passionate about information security and are looking for an opportunity to make a significant impact, we invite you to apply for this position.
    #J-18808-Ljbffr More...

        

    ---

    Register an account with us and set up job agents! We'll email you immediately when jobs like this are posted on our site.

    ---