We are seeking an experienced IT Security Manager to lead and evolve the information security program. The ideal candidate will have direct experience in a law firm or a Big 4 advisory firm, bringing deep familiarity with protecting sensitive client data and navigating compliance obligations. This is a hands-on leadership role, combining strategic oversight with active involvement in security operations.
Key Responsibilities
Develop, implement, and maintain a comprehensive information security program that aligns with organizational goals and client confidentiality requirements.
Establish and enforce security policies, standards, and procedures to safeguard technology assets and sensitive information.
Continuously monitor security performance, assess risks, and provide senior leadership with actionable insights and status updates.
Conduct risk assessments, vulnerability scans, and penetration testing to identify and mitigate cybersecurity threats.
Lead incident response efforts, including investigation, containment, remediation, and reporting of security events.
Serve as a mentor and technical guide to the security team, promoting professional development and adherence to security best practices.
Qualifications
10+ years of experience in IT and information security, with at least 4 years in a leadership role.
Direct experience in a law firm or Big 4 professional services environment is required.
Strong knowledge of security frameworks and regulatory standards such as NIST, ISO 27001, and HIPAA.
Relevant certifications (CISSP, CISM, CISA, GIAC, CompTIA Security+, GISO) are highly desirable.
Demonstrated ability to manage security initiatives, lead technical teams, and provide strategic guidance to senior stakeholders on complex security challenges.