Director IT Security

Job Description

The Director of IT Security is a senior leader responsible for designing managing and executing the firms technical cybersecurity strategy and operations. This role focuses on real-time threat detection response prevention and security engineering ensuring the integrity confidentiality and availability of the firms digital assets across a global environment.

This position leads a team responsible for cyber defense operations incident response vulnerability management and secure infrastructure engineering. It works in close partnership with the Director of GRC and the Senior Director of Technology.

This is a highly collaborative role requiring the ability to foster strong partnerships across technical and non-technical teams. Exceptional communication skills are essential to effectively

convey complex security concepts and coordinate seamlessly with stakeholders at all levels.

KEY RESPONSIBILITIES

Cybersecurity Strategy & Leadership

• Develop and lead a proactive cybersecurity strategy grounded in real-time threat intelligence detection and rapid mitigation.

• Act as the firms authoritative voice on active threats delivering clear accurate and timely notifications to firm leadership including Executive Committee and General Counsel as necessary.

• Establish robust executive communication protocols for threat alerting escalation and resolution tracking.

• Drive alignment of the security program with business priorities and client obligations.

• Oversee selection and optimization of security platforms and services.

• Manage vendor relationships with MSSPs MDR providers and technology partners.

• Continuously improve metrics and reporting to measure security posture and readiness.

Cybersecurity Architecture & Engineering

• Design and maintain a modern security architecture across cloud and on-prem environments (e.g. Microsoft 365 Azure endpoint and perimeter).

• Oversee implementation of secure network identity and endpoint solutions.

• Evaluate and deploy next-generation security tools including EDR XDR SOAR and Zero Trust models.

Security Operations Center (SOC) & Threat Detection

• Lead global 24x7 security operations managing internal and outsourced SOC providers.

• Develop playbooks and automation pipelines for threat detection alert triage and incident response.

• Oversee log management and SIEM tuning to reduce noise and improve response precision.

Incident Response & Forensics

• Own the end-to-end incident response process including containment eradication and root cause analysis.

• Lead technical response to security breaches ransomware events or advanced persistent threats.

• Conduct post-incident reviews and implement lessons learned.

Technical Vulnerability & Patch Management

• Oversee vulnerability scanning penetration testing and remediation processes.

• Ensure timely patching of critical systems in coordination with infrastructure and application teams.

• Maintain current risk posture visibility through dashboards and metrics.

Identity & Access Security

• Implement and monitor identity governance frameworks privileged access management and single sign-on controls.

• Enforce least-privilege and role-based access design for internal and external users.

REQUIRED EDUCATION KNOWLEDGE & EXPERIENCE

• Bachelors degree in Computer Science Cybersecurity Information Systems or equivalent.

• Minimum 8 years of experience in information security with 5 years in a technical leadership role.

• Certifications: CISSP GIAC (GCIH GCIA) OSCP or related technical security credentials preferred

REQUIRED SKILLS AND ABILITIES

• Demonstrated expertise in threat detection escalation and executive-level communication in high-stakes environments.

• Strong hands-on knowledge of security operations network/cloud security and incident response.

• Experience in legal professional services or highly regulated global environments.

PHYSICAL REQUIREMENTS

• Ability to sit and stand for extended periods.

• Ability to lift up to 25 pounds.

Pillsbury Winthrop Shaw Pittman LLP is an Equal Opportunity Employer.

If you require an accommodation in order to apply for a position please contact us at .