Breaking The Law
LawAdvisor was founded in 2015 in Melbourne, Australia with a fearless and ambitious belief: that everybody should have access to justice.
We hypothesised that the high costs, inefficiencies, and difficulties of obtaining legal help could be overcome simply by providing greater access to legal information, and by providing everybody with real-time access to high-quality, affordable lawyers online.
Our mission has since been supported by thousands of lawyers and has allowed us to expand and set up offices across the globe. We've also attracted high profile investors and partners who have shared our mission to transform legal service delivery.
We're still not satisfied. The potential exists to completely revolutionise the practice of law. The start of this decade has delivered LawAdvisor with a new mandate: to overhaul and transform how lawyers work, and how people interact with and consume legal services, with state of the art legal practise management technology to (i) increase efficiencies; (ii) automate routine processes; (iii) increase transparency; and (iv) bring legal practice to the 21st century.
An Information Watchdog
Our Information Security Manager will be the author of LawAdvisor's information security systems and protocols. You’re ready to face the challenge of architecting and implementing the company's information security management system, Security Information and Event Management, and other related initiatives head on.
You will work with our Product, Engineering, DevOps, and Quality Assurance Teams to create and maintain the safest operating environment for LawAdvisor’s users and employees. You will have tremendous influence over the vision,creation, and implementation of the overall security protocols and processes.
You take a systemic approach to security, and strive to ensure that we provide low friction, high-impact security across everything we do.
You will ensure that LawAdvisor conducts its business processes in compliance with laws and regulations, professional standards and international standards. Through engagement with all parts of the business and effective operation of the company’s information security management system, you will provide insight and advice to support decision-making at multiple levels within the organisation.
- Help shape our maturing security program – with a focus on security reviews, application security, infrastructure security, and incident detection and response.
- Create and maintain security policies, standards, procedures, and systems that mitigate and prevent vulnerabilities in our products and operations.
- Provide support for implementing security standards, performing self-assessments and coordinating related external audits.
- Develop and implement new ways to automate and improve security to reduce time to investigate security incidents.
- Work with our product, quality assurance, and engineering teams to ensure security best practices are baked into everything we build. Additionally, you will build a support system for the security champions across our company.
- Work closely with the product team to understand customers’ security needs and current priorities. Collaborate with key stakeholders on remediation strategies, provide guidance, and follow through closure.
- Work closely with the People Operations team to advise on policies, train, and enforce security policies and procedures, and help respond to cyber events involving employees.
- Monitor, enforce, and routinely audit the compliance of all information security policies, procedures and contingency plans to ensure changes to relevant regulations are adhered to.
- Perform analysis of scan results and determine criticality ratings for vulnerabilities that impact all production environments.
- Confidently communicate the information security policies enforced with a range of audiences – ensuring the messages are concise, articulate, impactful, and use the most appropriate methods of communication.
- Provide quality reports to summarise test activities, including objectives, planning, methodology, results, analysis and recommendations to both technical and non-technical audiences.
You Should Have…
- A bachelor's degree in information technology, computer science, or any related field.
- Previous experience as an Information security manager, Penetration Tester, Compliance Officer, Solutions Solutions Architect, Cloud Architect, Security Engineer or similar.
- At least 4 years of experience in the Information Security field.
- Hands-on experience with security systems – including firewalls, intrusion detection systems, anti-virus software, and authentication systems. Should have a breadth of experience across the information security domain.
- Exceptional verbal and written communication skills.
- Ability to identify, interpret, and document compliance requirements related to legal, contractual, regulation, and financial matters.
- Familiarity with web-related technologies (Web applications, Web Services, Service-Oriented Architectures) and of network/web-related protocols
- An enthusiasm for staying up to date with the most current industry changes, trends, best practices, and assessing the potential impact of these changes on organisational processes.
- Ability and experience working closely with both technical and non-technical cross-functional stakeholders.
- Knowledge of GDPR, its business implications and the merits of various technical approaches.
- Master's degree in Computer Science, or a related field.
- Qualified ISO 27001 Lead Implementer.
- Previous experience as white hat hacker.
- Previous experience in blue team and red team techniques
- Previous experience in a law firm/legal department
- Previous experience in a startup environment.
- Experience working with a remote team.
- Experience managing a team
- A highly skilled, driven and dedicated team.
- Competitive salary: we strive to always provide industry market rates.
- Remote work opportunities: our team is distributed across the globe and we enjoy the flexibility of working remotely when possible.
- Continuous learning and development: whether by way of conferences, online courses, or further study, we’re here to support your personal and professional growth.
- Company retreats: while we operate over Zoom and Slack, our company retreats allow us to create long-lasting bonds with each other and to feel human.
- A direct line with our key users, and influential high-level stakeholders (investors, advisors, and other relevant members) to use as and when needed.
- Win and grow together: we strive to become the best in our field and always seek opportunities for growth. We are not afraid of challenges or failure.
- Nothing is too small: we’re never too big to do the smallest things.
- Pressure makes diamonds: as a team, we train to win. We are not scared of pressure, embrace challenges, and never lose our resolve.
- Continuous improvement: as a leader in the legal technology space, we vow to continue pushing through boundaries to create breakthrough legal products.
- Teamwork makes the dream work: we nurture a workplace where there are plenty of opportunities to earn, learn, grow, and succeed together.
- No Oompa Loompas: although we're united with a strong vision and work towards shared goals, we encourage everyone to be themselves. Our team is made up of diverse individuals so that we’re able to think creatively outside the box for solutions to entrenched problems.