Role OverviewWhile we are a fully-remote company, we are accepting candidates who reside and work daily within 2 hours of Eastern Time. As an IT Security Manager at Rubris, you will play a critical role as a subject matter expert responsible for our information security, compliance, and risk management function and programs. This role focuses on CMMC, NIST, and SOC 2 compliance, security policy development, vulnerability monitoring, incident remediation support, vendor risk management, and employee security awareness.Our CompanyRubris Inc. provides transformational legal technology and solutions for complex business and legal processes in the mass tort industry. Our data solutions streamline and automate processes to improve efficiency while delivering unprecedented insights and analytics.Key ResponsibilitiesSecurity Compliance and CertificationManage certification frameworks, including CMMC, NIST, and SOC 2Assist the Company to successfully achieve compliance with applicable security certificationsDevelop, track, and maintain security and compliance policy documentsBuild and maintain controls documentation aligned with multiple compliance frameworks and standardsEnsure ongoing compliance with the Company’s information security policies and procedures and ensure controls are implementedRisk Management and Security StandardsDevelop IT security standards, best-practice implementations, and systems to ensure enterprise information system securityIdentify acceptable levels of risk and establish roles and responsibilities for information classification and protectionMaintain security policies and proceduresEvaluate risk and develop security standards, procedures, and controls with a mindset of continuous process improvementVulnerability Management & Incident SupportAnalyze and review system configurations for security vulnerabilitiesMonitor Company security vulnerabilitiesAssist with remediation of escalated incident tickets and review completed tickets for accuracy and sufficiencyVendor Security and Technology CoordinationConduct vendor security assessments and support the Company’s vendor management programCoordinate security and compliance technology development requestsCoordinate with external IT service providers on security and compliance matters, including device configuration, application management, and security updatesGovernance, Reporting and Leadership CommunicationAttend Security Committee meetings and draft meeting minutesCoordinate Security Committee meetings and maintain records of activitiesCommunicate cybersecurity risks to senior management through reports, presentations, metrics, and documentationSecurity Training & AwarenessConduct security awareness training and assist with publishing security bulletins and advisoriesDesign and conduct testing of data security controls, including simulated events and phishing exercisesProvide security guidance and training to Company employeesProvide security guidance for IT projects, including evaluation and recommendation of technical controlsWhat you bringBachelor's degree or equivalent and 5-8 years of experience in IT security, information security, or cybersecurity requiredPrevious experiencing managing this function within a fully remote company preferableAbility to work independently and with a self-directed mindset of ownership of this function is critical to successHands-on experience with CMMC, NIST, and/or SOC 2 complianceExperience developing and maintaining security policies, procedures, and controls documentationKnowledge of risk assessment, vulnerability management, and incident response supportAbility to communicate security risks and requirements to technical and non-technical stakeholdersWhat we offer100% remote work (MacBook Pro provided)Fully paid premiums for employee medical, dental, and vision insuranceAnnual paid time off (PTO) plus 11 paid holidays401(k) plan with employer contribution that is 100% vestedOpportunities to advance, develop, and make an impact as part of a growing companyRubris Core ValuesWe value the importance of connecting, collaborating, and celebrating while committing to a mindset of joint ownership of outcomes guided by our core values:Shift your perspectives: Ideas are developed by understanding different viewpointsBe generous: We have better experiences and achieve more when kindness and generosity are abundantLove what you do: Wake up each morning excited to learn new skills, incubate ideas, and tackle fresh challengesBe true to your word: We take our commitments to clients and each other seriouslyBuild strong relationships: Take the time to build strong relationships with colleagues and clients - our technology is built and used by humansRubris believes in creating an environment of inclusion and belonging. We advance the most talented individuals regardless of their race, sexual orientation, religion, age, gender, disability status or any other dimension of diversity. The success of our team members drives the success of our business and promoting a culture in which every team member feels respected and supported creates a workplace in which we all can accomplish our goals. Please alert your recruiter if you require an accommodation during the hiring process.
