{"id":734,"date":"2025-12-04T11:04:36","date_gmt":"2025-12-04T11:04:36","guid":{"rendered":"https:\/\/skillbasedmatching.com\/jobs\/?post_type=jobpost&#038;p=734"},"modified":"2025-12-04T11:04:39","modified_gmt":"2025-12-04T11:04:39","slug":"information-security-engineer-compliance-grc-automation-law-firm","status":"publish","type":"jobpost","link":"https:\/\/skillbasedmatching.com\/jobs\/current-jobs\/information-security-engineer-compliance-grc-automation-law-firm\/","title":{"rendered":"Information Security Engineer \u2013 Compliance &#038; GRC Automation (Law Firm)"},"content":{"rendered":"\n<p>\u200bThis is a full-time <strong>Information Security Engineer<\/strong> role at Akerman, a premier law firm, seeking a technically adept professional to thrive at the intersection of security engineering, governance, and client assurance. The ideal candidate will <strong>lead and maintain the organization\u2019s ISO 27001 and SOC 2 Type II programs<\/strong>, manage client security audits, and automate processes using AI-powered GRC platforms.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Location:<\/strong> Miami, FL, USA.<\/li>\n\n\n\n<li>\u200b<strong>Experience:<\/strong> <strong>7+ years<\/strong> of experience in Information Security Engineering, Risk Management, or Compliance.<\/li>\n\n\n\n<li>\u200b<strong>Core Focus:<\/strong> Implementing and maintaining <strong>ISO 27001 ISMS<\/strong> and <strong>SOC 2 Type II<\/strong> (Security, Availability, Confidentiality principles), managing client audit responses, and performing vendor risk management.<\/li>\n\n\n\n<li>\u200b<strong>Tools:<\/strong> Proficiency with <strong>AI-powered GRC automation platforms<\/strong> (e.g., Archer, Drata, Vanta).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\u200bKey Responsibilities: Governance, Assurance, and Engineering<\/h3>\n\n\n\n<p>\u200bThe engineer drives compliance programs, manages assurance activities with clients and vendors, and supports security operations.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Compliance Leadership:<\/strong> <strong>Lead and maintain<\/strong> the organization\u2019s <strong>ISO 27001<\/strong> Information Security Management System (ISMS) and <strong>SOC 2 Type II<\/strong> programs, ensuring continuous compliance.<\/li>\n\n\n\n<li>\u200b<strong>Audit Response:<\/strong> Coordinate and <strong>respond to client security audits and vendor security assessments<\/strong>, ensuring timely and accurate delivery of evidence. Work closely with internal teams (Legal, HR, IT) to track remediation.<\/li>\n\n\n\n<li>\u200b<strong>GRC Automation:<\/strong> Use <strong>AI-powered GRC tools<\/strong> (Drata, Vanta, Archer) to automate control monitoring, risk assessments, and compliance reporting.<\/li>\n\n\n\n<li>\u200b<strong>Policy &amp; Standards:<\/strong> Develop and maintain security policies, procedures, and technical hardening standards mapped to <strong>ISO 27001 Annex A, NIST CSF, and CIS Controls<\/strong>.<\/li>\n\n\n\n<li>\u200b<strong>Vendor Risk:<\/strong> Participate in <strong>third-party vendor reviews<\/strong>, performing due diligence and tracking remediation activities.<\/li>\n\n\n\n<li>\u200b<strong>Security Support:<\/strong> Support cloud and on-premises security posture improvement across AWS, Azure, and\/or GCP environments, and support the full incident response process.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">\u200bDesired Qualifications and Framework Knowledge<\/h3>\n\n\n\n<p>\u200bThe role requires extensive experience with major regulatory frameworks and security assurance processes.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u200b<strong>Required Experience:<\/strong> Hands-on experience implementing or maintaining <strong>ISO 27001<\/strong> and <strong>SOC 2 Type II<\/strong>. Proven experience responding to client security questionnaires and conducting vendor security assessments.<\/li>\n\n\n\n<li>\u200b<strong>Framework Expertise:<\/strong> Deep understanding of security frameworks: <strong>ISO 27001, NIST CSF, SOC 2, CIS Controls<\/strong>, and <strong>GDPR\/CCPA<\/strong> principles.<\/li>\n\n\n\n<li>\u200b<strong>System Knowledge:<\/strong> Strong understanding of <strong>SIEM, EDR, vulnerability management, and access control systems<\/strong>.<\/li>\n\n\n\n<li>\u200b<strong>Preferred Certifications (Any Combination):<\/strong> <strong>CISSP, CISA, CRISC, CCSP, OSCP, GCIH<\/strong>.<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u200bThis is a full-time Information Security Engineer role at Akerman, a premier law firm, seeking a technically adept professional to thrive at the intersection of security engineering, governance, and client assurance. The ideal candidate will lead and maintain the organization\u2019s ISO 27001 and SOC 2 Type II programs, manage client security audits, and automate processes [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"menu_order":0,"template":"","jobpost_category":[43],"jobpost_job_type":[39],"jobpost_location":[1041],"jobpost_tag":[3422,3424,476,3423,3420,3180,1253,3425,3426,3421,1032,1617],"class_list":["post-734","jobpost","type-jobpost","status-publish","hentry","jobpost_category-it","jobpost_job_type-remote","jobpost_location-united-states","jobpost_tag-archer","jobpost_tag-client-audit-response","jobpost_tag-compliance","jobpost_tag-drata","jobpost_tag-grc-automation","jobpost_tag-information-security-engineer","jobpost_tag-iso-27001","jobpost_tag-law-firm","jobpost_tag-miami","jobpost_tag-soc-2-type-ii","jobpost_tag-vanta","jobpost_tag-vendor-risk-management"],"_links":{"self":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost\/734","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost"}],"about":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/types\/jobpost"}],"author":[{"embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/users\/1"}],"wp:attachment":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/media?parent=734"}],"wp:term":[{"taxonomy":"jobpost_category","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_category?post=734"},{"taxonomy":"jobpost_job_type","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_job_type?post=734"},{"taxonomy":"jobpost_location","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_location?post=734"},{"taxonomy":"jobpost_tag","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_tag?post=734"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}