IT Security & Compliance Specialist

Remote Full-time
Information Technology Compliance Manager

Chisholm Chisholm & Kilpatrick (CCK) is a nationally recognized law firm committed to providing exceptional client service in the areas of Veterans Law, ERISA law, and Bequest Management. CCK is seeking an Information Security & Compliance Specialist to lead our information security and compliance program. The ISS will be responsible for developing, implementing, and overseeing policies and controls that ensure compliance with HIPAA data security requirements and SOC 2 Type II audit certification. This position requires both strategic thinking and hands-on execution, with strong cross-functional collaboration across IT, legal, operations, and client-facing teams.

Key Responsibilities

• Policy & Program Management: Develop and maintain the firm’s Information Security Management Program (ISMP); establish and enforce data governance and cybersecurity policies in accordance with HIPAA, SOC 2, and relevant state laws; own documentation of controls, risk assessments, audit responses, and security-related protocols.
• Compliance & Risk Management: Lead regular risk assessments and threat modeling initiatives; manage the SOC 2 Type II audit process, partnering with third-party auditors and internal stakeholders; oversee HIPAA compliance, including breach notification protocols, security risk analysis, and access control.
• Security Operations: Monitor cloud platforms, email, file sharing, and endpoints for data security compliance; implement and maintain tools such as SIEM, MFA, and endpoint protection solutions; evaluate third-party vendors for security posture and compliance alignment; deliver firm-wide HIPAA security training and ongoing security awareness initiatives; foster a culture of compliance through education and stakeholder engagement; respond to incidents as needed, including triage, containment, and remediation support; maintain up-to-date knowledge of industry trends, emerging threats, and best practices.
Job Requirements

• Bachelor’s degree in Information Security, Computer Science, or a related field (Master’s preferred).
• Minimum 5 years of experience in an information security role, preferably within a highly regulated environment.
• Deep understanding of state data security laws and regulations, HIPAA data security requirements and experience preparing for or managing SOC 2 Type II audits.
• Familiarity with NIST, ISO 27001, or COBIT frameworks.
• Experience with security tools (SIEM, endpoint protection, DLP, MFA, etc.).
• Experience with the incident response life cycle.
• Excellent communication skills and ability to work with legal, technical staff and non-technical staff.

Preferred Certifications

• Certified Information Security Manager (CISM)
• Certified HIPAA Security Professional (CHSP) or equivalent
• SOC 2 implementation or auditing experience

Benefits

• Competitive salary based on experience
• CCK offers options for medical, dental, and vision insurance (including employer-paid medical insurance for the employee!) and other wellness benefits
• Gym membership reimbursement
• 15 days of PTO which increase to 20 days of PTO after 1 year plus 12 paid company holidays in 2025
• 35 Work from Home Days per year that can be used for any reason
• 401k matching

Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: Legal Services