Aderant Company Profile

Director Information Security at Aderant (Atlanta, GA)

About the Employer

Job Description

Global provider of market leading solutions. Dynamic team culture. Competitive bonus programs. Collaborative cross-functional teams. World class benefits. Challenging and Rewarding work. At Aderant, we power the worlds leading law and professional services firms. We focus on delivering world class products and services which are developed, marketed, sold, and supported by superior talent. The expertise and talent of our people have made us the largest independent provider of law firm technology in the world, and our people will drive our success in the future. Under the direction of the CIO, the Director of Information Security is responsible for defining and maintaining the information security program to ensure that information assets and the associated technology, applications, systems, infrastructure, and business processes are protected.  The Director of Information Security is involved in the identification, recommendation, and implementation of best practices, policies, standards, baselines, guidelines, procedures, and security solutions. In addition, this role will be a key participant in conducting vulnerability and penetration tests, audits and assessments, and in responding to requests for information by our clients. This role requires strategic and technical experience with proven results to lead the overall information security strategy, vulnerability management, incident management, execution of application security standards, and security monitoring. This role is also responsible for identifying, evaluating and reporting on legal and regulatory items, IT, fraud and cybersecurity risk to information assets, while supporting and advancing business objectives. Responsibilities Identifies best practices, policies, standards, baselines, guidelines, and procedures Ensures implementation of best practices, policies, standards, baselines, guidelines, and procedures Tracks and manages compliance with industry frameworks and/or standards (SOC, ISO 27001, GDPR, etc.) Manages professional relations with employees, vendors, and clients with respect to information security topics Manages communications with IT management and corporate management Produces regular reports for IT management and corporate management Provides support for security solutions in place Responsible for the identification, investigation, and resolution of security incidents Participates in the planning, design, and testing of enterprise security architecture, as well as disaster recovery & business continuity Updates and enhances security policies and procedures Recommends additional security solutions or enhancements to existing security solutions to improve overall enterprise security posture Provides technical documentation to assist with efficient planning and execution Participates in the design and execution of vulnerability assessments, penetration tests, and security audits Maintains up-to-date baselines for the secure configuration and operations of all in-place devices, whether they are under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.) Performs objective tests of policies, procedures, controls, and solutions to improve the firms security posture and compliance Fosters a culture of continuous improvement Skills & Requirements Bachelor's degree or higher in Information Technology or related field. 2 or more of the following certifications preferred: ISSE, CISM, CISSP, OCSP, CHFI, GIAC, or GSEC. 2+ years experience managing information technology security programs. 5+ years executing Information Security tasks in complex application or infrastructure environments. Hands on experience in deploying and administering security tools and appliances creating policies, tuning, log analysis, troubleshooting and diagnosing problems. Proven experience securing and auditing the security of cloud systems in either AWS (preferred) or Azure Experience with manual or automated security assessment, vulnerability validation, and/or penetration testing and security audits (SSAE18 SOC2 preferred) Strong understanding of industry frameworks and standards such as GDPR, HIPAA, PCI DSS, SOC2, NIST, ISO27001. Strong technical knowledge in tools/methods used in securing Networks, Applications, Databases, and OSs. Familiarity with security web application technologies (web applications, web services, APIs, service-oriented architectures.) About us: Aderant, headquartered in Atlanta, Georgia, is a global industry leader in providing comprehensive legal business management software for law firms and other professional services organizations. Aderant is a market leader in technology solutions for practice and financial management, ebilling, knowledge management, business intelligence, matter planning, calendaring and docketing. Aderant is an established and trusted partner with its versatile and innovative technology solutions, superior customer service and reliable implementation process. Aderant operates as a unit of Roper Technologies, a constituent of the S&P 500®, Fortune 1000® and the Russell 1000® indices.