IT Audit & Risk Assessor

Posted 9 Days Ago
Salt Lake City, UT
Hybrid
Mid level
Legal Tech • Software
Filevine is a top-rated cloud-based case management solution for small and midsize legal firms and legal professionals.
The Role
The IT Audit & Risk Assessor manages compliance audits, risk assessments, and security efforts to ensure adherence to industry standards. Responsibilities include conducting audits for governmental compliance, training employees on secure practices, managing vendor risk assessments, and overseeing penetration testing efforts to mitigate vulnerabilities in IT systems.
Summary Generated by Built In

Filevine is forging the future of legal work with cloud-based workflow tools. We have a reputation for intuitive, streamlined technology that helps professionals manage their organization and serve their clients better. We’re also known for our team of extraordinary and passionate professionals who love working together to help organizations thrive. Our success has catapulted Filevine to the forefront of our field—we are ranked as one of the most innovative and fastest-growing technology companies in the country by both Deloitte and Inc.


Our Mission

Filevine is building the seamless intersection between legal and business by creating a world- class platform to help professionals scale.


About Filevine

Filevine is forging the future of legal work with cloud-based workflow tools. We have a reputation for intuitive, streamlined technology that helps professionals manage their organization and serve their clients better. We’re also known for our team of extraordinary and passionate professionals who love working together to help organizations thrive. Our success has catapulted Filevine to the forefront of our field—we are ranked as one of the most innovative and fastest-growing technology companies in the country by both Deloitte and Inc.


Our Mission 

Filevine is building the seamless intersection between legal and business by creating a world-class platform to help professionals scale.


Department Statement

The IT Audit team is responsible for performing timely audits and ensuring compliance and risk assessment efforts are aligned with industry standards and best practices.


Filevine is looking for a High Security IT Audit & Risk Assessor to join our Information Security team to ensure that our platform, applications, and infrastructure are compliant and secured at the highest levels thus protecting and enhancing customer trust. If you are bright, hardworking, ambitious, and enjoy taking ownership of security and compliance, we want to talk to you. This is an exciting opportunity to join a world-class team.

Responsibilities:

  • Manage CJIS obligations, including monthly and yearly audits, clearances for employees, and associated CJIS efforts
  • Assist with Federal and international government security audits (e.g. FedRAMP, StateRAMP, Canadian government compliance obligations Strategize and outline goals and objectives of the GRC (IT Audit and Risk management) programs.
  • Assist with security efforts to meet HIPAA, SOC 2 Type I & II, and other compliance requirements.
  • Work directly with Information Security, Legal, HR, Compliance and Development teams to ensure secure IT and IS best practices are fully adopted at Filevine.
  • Help train employees on auditing secure coding techniques to mitigate the need for break-fix/out-of-band patching.
  • Review audit, compliance and risk assessment issues that arise and manage them to resolution.
  • Provide audit frameworks and risk assessment methodologies contemplating new software solutions to help mitigate security vulnerabilities and other business risks.
  • Maintain documented Policy and Procedure libraries for compliance purposes.
  • Complete Third-party vendor risk management and security questionnaires for Filevine.
  • Provided annual Internal audit and risk assessment functions.
  • Facilitate and lead annual penetration testing and auditing efforts.
  • Develop a familiarity with new auditing and risk assessment tools and techniques.

Qualifications:

  • Bachelor's Degree or equivalent in Computer Science, Computer Engineering, Information Technology, or related field
  • 4+ years of experience in IT Audit and direct experience related to risk assessment methodologies.
  • Proven work experience as IT Audit & Risk Assessor with a passion for details and security.
  • Familiarity with auditing and assessing the OWASP Top 10.
  • Experience with managing risks, fraud, and security threats.
  • Knowledge of web related technologies (Web applications, Web Services and Service Oriented Architectures, Web Databases) and of network/web related protocols.
  • Experience assessing, testing, or auditing technical IT and security controls.
  • Working knowledge of and demonstrated experience with SOC II Type I & II, HIPAA Security Rule, FedRAMP Moderate, CJIS, GDPR, CCPA/CPRA and other compliance frameworks.
  • Demonstrated knowledge of assessing development methodologies (Agile, Waterfall).
  • Ability to work in a fast-paced environment.
  • Must exhibit excellence in partnering, teamwork, and quality performance.
  • Able to effectively give, receive, and respond to feedback.
  • Excellent oral and written communication skills with the ability to communicate security concepts to a technical and non-technical audience including senior management.
  • Demonstrated ability to establish relationships and build rapport to influence colleagues at all levels, uncover issues, and identify needs.

Preferred Qualifications:

  • Significant experience with auditing frameworks, formal audits, and risk assessment experience.
  • Significant experience with automated auditing and compliance tools.
  • GRC tool Certification or equivalent experience.
  • CISSP Certification or equivalent experience.
  • CISM Certification or equivalent experience.
  • CISA Certification or equivalent experience.
  • CIPP/US Certification or equivalent experience.
  • CRISC Certification or equivalent experience.


Filevine is an Equal Opportunity Employer. Qualifications for employment, promotion and other terms and conditions of employment are based upon the ability to perform the job. Equal-employment opportunities are provided to all applicants and employees without regard to race, creed, religion, color, age, national origin, sex, disability, veteran status, or other legally protected class. Filevine is committed to providing reasonable accommodations for qualified individuals with disabilities. If you need assistance or accommodation due to disability, or if you have concerns related to Filevine’s equal employment opportunities, you may contact us at [email protected]


Cool Company Benefits:

- A dynamic, rapidly growing company, focused on helping organizations thrive 

- Medical, Dental, & Vision Insurance (for full-time employees)

- Competitive & Fair Pay

- Maternity & paternity leave (for full-time employees)

- Short & long-term disability

- Ergonomic and height-adjustable workstations for onsite employees

- Opportunity to learn from a dedicated leadership team

- Centrally located open office building in Sugar House

- Top-of-the-line company swag


Privacy Policy Notice

Filevine will handle your personal information according to what’s outlined in our Privacy Policy.

Top Skills

It Audit
Risk Assessment
The Company
HQ: Salt Lake City, UT
450 Employees
On-site Workplace
Year Founded: 2015

What We Do

Filevine is case management software built for and inspired by real attorneys. As a fully-featured suite of tools, it comes ready to manage every part of a moving case. Assign tasks, upload files or images, monitor staff productivity, and communicate with your client directly from within their case file.

Our software is built on the truth that every law firm functions differently. That’s why Filevine is so customizable. Build new case-type templates, design automatic workflows, and receive customized reports on a schedule that fits your needs.

Accessing your information is never a problem, because Filevine is hosted on The Cloud. To ensure security, your law firm’s data is protected through state-of-the-art encryption on redundant servers. All you need to get started is an internet connection and your favorite web browser.

Learn more at filevine.com.

Gallery

Gallery

Similar Jobs

CrowdStrike Logo CrowdStrike

Sr. Active Defense Analyst - 2nd Shift (Remote)

Cloud • Information Technology • Sales • Security • Cybersecurity
Remote
10 Locations
10000 Employees
95K-160K Annually

CrowdStrike Logo CrowdStrike

Sr. Intelligence Analyst - CAO Elite (Remote)

Cloud • Information Technology • Sales • Security • Cybersecurity
Remote
16 Locations
10000 Employees
95K-160K Annually

Two Barrels LLC Logo Two Barrels LLC

Application Security Director

eCommerce • Legal Tech • Professional Services • Software • Data Privacy
Remote
Hybrid
Salt Lake City, UT, USA
950 Employees

BAE Systems, Inc. Logo BAE Systems, Inc.

Jr. Systems Administrator; Teamcenter Support

Aerospace • Hardware • Information Technology • Security • Software • Cybersecurity • Defense
Hybrid
Hill Air Force Base, UT, USA
40000 Employees
62K-105K Annually

Similar Companies Hiring

Jobba Trade Technologies, Inc. Thumbnail
Software • Professional Services • Productivity • Information Technology • Cloud
Chicago, IL
45 Employees
RunPod Thumbnail
Software • Infrastructure as a Service (IaaS) • Cloud • Artificial Intelligence
Charlotte, North Carolina
53 Employees
Hedra Thumbnail
Software • News + Entertainment • Marketing Tech • Generative AI • Enterprise Web • Digital Media • Consumer Web
San Francisco, CA
14 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account