Director - IT Security

Job Description

The Director IT Security will set and drive the Global Cybersecurity Strategy. This role is responsible for leading the development and continuous evolution of a comprehensive firm-wide cybersecurity strategy that aligns with the unique needs of an international law firm and its clients with a strong emphasis on data confidentiality integrity and regulatory compliance across jurisdictions.

KEY RESPONSIBILITIES

• Architect Cloud-focused and Zero Trust Security Models: Champion the transition to a secure cloud-focused environment by designing and implementing modern scalable architectures such as Zero Trust tailored to hybrid legal workflows and geographically distributed operations.

• Steer Enterprise Security Governance: Establish and enforce robust security governance frameworks policies and risk management protocols that are consistent with industry best practices (e.g. NIST ISO 27001) and address the complex legal and ethical obligations inherent in client data protection.

• Lead Threat Intelligence and Incident Readiness Programs: Oversee global threat intelligence gathering and proactive risk mitigation initiatives. Ensure the firm is prepared to respond decisively to sophisticated cyber threats including ransomware nation-state attacks and third-party breaches.

• Oversee Business Continuity and Disaster Recovery Planning: Lead the firms global business continuity and disaster recovery (BC/DR) strategy ensuring resilience of critical legal services and IT operations. Conduct regular risk assessments testing and scenario planning to minimize disruption and uphold client obligations in the face of cyber operational or natural disasters.

• Enable Secure Innovation and Digital Transformation: Partner with firm leadership legal practice groups and IT to embed security by design into new technology initiatives ensuring secure client collaboration remote work capabilities and digital service delivery.

• Cultivate Cross-Functional and International Collaboration: Build strong working relationships with legal compliance privacy and risk management teams across regions. Provide executive-level insights to align security objectives with the firms strategic goals and client commitments.

• Foster a Culture of Security Awareness and Resilience: Drive firmwide education and awareness programs tailored to the legal sector. Promote a culture where cybersecurity is a shared responsibility reinforced through training simulations and leadership visibility.

REQUIRED EDUCATION KNOWLEDGE & EXPERIENCE

• Bachelors degree in Computer Science Information Security or a related field.

• Minimum of ten years experience in information security with at least 5 years in a senior architect or equivalent role.

• Experience in legal or other highly regulated industries is preferred.

REQUIRED SKILLS AND ABILITIES

• Detailed knowledge of modern cyber technologies and tools.

• Familiarity with security frameworks.

• Proven expertise in designing and implementing security controls particularly within Microsoft 365 and Azure environments.

• Hands-on experience with threat modeling risk assessments and vulnerability management in hybrid IT environments.

• Exceptional communication and collaboration skills with the ability to engage effectively with both technical and non-technical stakeholders.

• Strong analytical and problem-solving skills.

• A proactive mindset with a focus on driving security innovation and operational excellence.

• Self-starter with the ability to work independently and lead strategic initiatives.

• Detail-oriented with a commitment to delivering high-quality results.

• Adaptability to a fast-paced and dynamic environment.

PHYSICAL REQUIREMENTS

• Ability to sit and stand for extended periods.

• Ability to lift up to 25 pounds.

Pillsbury Winthrop Shaw Pittman LLP is an Equal Opportunity Employer.

If you require an accommodation in order to apply for a position please contact us at .