Security and Compliance Specialist

About The Position

Requirements

• Bachelor’s Degree required.
• Minimum of 3 years of relevant experience in information security, compliance, or IT support, preferably in a professional services environment.
• Strategic understanding of IT security and technology.
• Strong analytical, critical thinking and attention to detail.
• Excellent written and verbal communication skills, with the ability to articulate complex technical ideas clearly to Legal and IT staff.
• Self-motivated, with the ability to lead and educate others at all levels on the significance and value of information and physical security.
• Strong technical expertise, including proficiency with malware analysis tools, Sandboxes, Linux, Windows OS.

Responsibilities

• Complete baseline security and compliance reviews of outside counsel guidelines from clients and escalate potential issues as they arise.
• Review and prepare client security assessments and questionnaires prior to final submission, collaborating with cross‑functional teams to address firm security requirements, and assist in establishing baseline security standards for FBT Gibbons–owned devices based on specific client expectations.
• Maintain an ongoing understanding and purview of regulatory and contractual requirements to ensure current processes meet expectations, and develop programming where gaps exist.
• Create and monitor standardized internal processes to ensure consistency with overall operational risk management goals.
• Create and maintain data maps for client data.
• Support the ongoing development, documentation, and maintenance of the firm’s Information Security Management System (ISMS) and Privacy Information Management System (PIMS) in support of ISO/IEC 27001 and ISO/IEC 27701 certification, including evidence collection and review.
• Participate in the ongoing development, documentation, and maintenance of the firm’s Vendor Risk Management Program.
• Support the full lifecycle management of firm projects and vendor relationships, including vendor identification, vendor risk assessments, contract execution, account management, and termination.
• Investigate and respond to Data Loss Prevention (DLP) alerts, including Microsoft Purview, NetDocuments, and Mimecast.
• Maintain KnowBe4 simulated phishing campaigns and new hire training campaigns. Assist with review of submitted phishing emails as needed.
• Support security and compliance initiatives by assisting with help desk ticket intake and resolution during high-volume periods, including targeted phishing events, providing user support, reinforcing secure behaviors, and ensuring appropriate incident tracking, escalation, and reporting.
• Maintain existing compliance tools and provide recommendations based on knowledge and practical application of industry best practices to manage compliance and reduce risk. Advise management of current industry trends and operational risk threats.
• Participate in internal and external compliance reviews and requests for mutually approved artifacts.

Benefits

• FBT Gibbons offers a competitive salary and a comprehensive benefits package, including health care coverage (medical, dental, and vision), life insurance, short- and long-term disability, paid parental leave, employee wellbeing and EAP programs, paid time off, and a 401(k) retirement plan with employer matching and profit-sharing. Benefit offerings and eligibility vary by location and are subject to applicable plan terms and legal requirements.