Enterprise Security Compliance Lead

Latham & Watkins is a global law firm consistently ranked among the top firms in the world. The success of our firm is largely determined by our commitment to hire and develop the very best and brightest creating a team that provides our clients with the highest quality of work and service. We are driven by our core values: respect innovation and collaboration.

The Enterprise Security Compliance Leadis an integral part of Lathams Global Security and Risk Management role will be responsible for participating in the overall process related to client security audits vendor security audits and other security compliance activities (e.g. ISO 27001 penetration tests other client responses etc.) while completing assigned client security reviews from intake through closure by identifying all necessary internal stakeholders based on the request (e.g. security survey audit review etc.) assembling relevant and appropriate documentation and completing the appropriate forms and questionnaires required by Latham clients. This role will be located in our Los Angelesoffice. Please note that this role may be eligible for a flexible working schedule that allows for a hybrid and in-office presence.

Other key responsibilities include:

• Assisting with the vendor security audit process for assigned vendors including collecting and reviewing submitted materials following up on outstanding items and drafting summary reports
• Maintaining relationships with third-party audit services that audit firm vendors audit the firm on behalf of clients or otherwise evaluate the firm (e.g. ISO 27001 assessors independent consultants)
• Acting as a project manager to ensure the success of ISO 27001 client and vendor audits and other assessments by identifying internal stakeholders scheduling and motivating team members to meet deadlines assembling relevant documentation completing necessary responses and tracking follow-up actions
• Arranging penetration and vulnerability tests scheduling these tests following up on results delivering the results of internal and external system vulnerability scans and coordinating necessary internal follow-up to facilitate agreement and remediation of issues
• Organizing team work and reviews to ensure consistency and quality
• Creating reports and presentations for senior management
• Interfacing with staff throughout the firm to facilitate the efficient and secure use of Technology services
• Preparing technical documentation and reports as required
• Protecting and maintaining any highly sensitive confidential privileged financial and/or proprietary information that Latham & Watkins retains
  

Wed love to hear from you if you:

• Exhibit an understanding of business security practices and procedures
• Possess knowledge of information security technologies
• Demonstrate knowledge of a variety of communication protocols and encryption techniques/tools

And have:

• A bachelors degree or equivalent; a minimum of five (5) years of Security and Technology experience may be considered in lieu of a degree
• A bachelors degree in Information Systems Computer Science Engineering or related field preferably
• Recognized security certifications preferred (e.g. CISM CISA CRISC CDPSE CISSP)
• A minimum of five (5) years of experience in IT audit or IT risk management
• A minimum of three (3) years of experience in performing security assessments IT vendor risk assessments and vulnerability management reviews
• A minimum of two (2) years of experience applying project management concepts

Successful candidates will not only be provided with an outstanding career opportunity and welcoming environment but will also be provided with a generous total compensation package with bonuses awarded in recognition of both individual and firm performance. Eligible employees can participate in Lathams comprehensive benefit program which includes:

• Healthcare life and disability insurance
• A generous 401k plan
• At least 11 paid holidays per year and a PTO program that accrues 23 days during the first year of employment and grows with tenure
• Well-being programs (e.g. mental health services mindfulness and resiliency medical resources well-being events and more)
• Professional development programs
• Employee discounts
• Affinity groups networks and coalitions for lawyers and staff

Latham & Watkins is an equal opportunity employer. The Firm prohibits discrimination against any employee or applicant for employment on the basis of race (including but not limited to hair texture and protective hairstyles) color religion sex age national origin sexual orientation gender identity veteran status (including veterans of the Vietnam era) gender expression marital status or any other characteristic or condition protected by applicable statute.

Latham & Watkins LLP will consider qualified applicants with criminal histories in a manner consistent with the City of Los Angeles Fair Chance Initiative for Hiring Ordinance (FCIHO). Please click the link below to review the Ordinance.

Please click here to review your rights under U.S. employment laws. #MidSenior #LI-JN1