The Information Security Officer (ISO) is responsible for developing, implementing, and maintaining the law firm's information security strategy. This role ensures the confidentiality, integrity, and availability of client data, firm documents, and IT infrastructure, with a strong focus on regulatory compliance, client data protection, client audit readiness, and proactive risk management. The ISO will collaborate cross-functionally with legal, IT, compliance, and firm leadership to embed security best practices across all operations. This is a blended, hands-on role with significant operational oversight - initially an individual contributor position, with a clear growth path to lead the infrastructure team and shape the firm’s future technology landscape.

The ideal candidate will bring a strong technical foundation, leadership experience, and an understanding of the unique confidentiality and compliance demands of a law firm or professional services environment.

The ideal candidate will demonstrate deep technical expertise, experience with legal-industry security requirements, and the ability to architect and drive a forward-thinking, resilient security program aligned with client expectations and ethical obligations.

Key Responsibilities:

• Security Strategy & Governance
• Develop and lead the firm’s information security program.
• Establish and enforce security policies, procedures, and standards aligned with legal and regulatory requirements (e.g. HIPAA, ISO/IEC 27001, NIST).
• Conduct risk assessments and implement measures to reduce security threats.
• Incident Management
• Lead the response to security incidents and data breaches, including investigation, mitigation, and reporting.
• Maintain and test the incident response plan and disaster recovery strategies.
• Compliance & Legal
• Ensure compliance with client security requirements, industry regulations, and privacy laws.
• Support audits and client security assessments.
• Security Operations & Solutions Engineering
• Monitor systems for vulnerabilities and threats using tools like SIEM, IDS/IPS, and endpoint protection platforms.
• Manage security technologies, including firewalls, encryption protocols, VPNs, DLP, and mobile device management.
• Training & Awareness
• Lead security awareness programs for attorneys and staff to promote best practices and prevent phishing and social engineering attacks.
• Third Party Risk Management
• Evaluate third-party vendors for security risk and ensure appropriate controls are in place.
• Leadership and Team Management
• Lead and mentor team members promoting a culture of accountability and continuous improvement.
• Coordinate cross-functional security initiatives with IT, compliance, legal, HR, and risk management teams.
• Stay informed of emerging threats, risks, and legal technology trends relevant to the professional services sector

Qualifications:

• Bachelor’s degree in information security, Computer Science, or a related field
• 5+ years of experience in cybersecurity or information security roles, ideally in a legal or professional services environment
• Industry certifications (e.g., CISSP, CISM, CISA, CYSA, SEC+, CCSP)
• Strong understanding of cybersecurity frameworks (e.g., ISO 27001, NIST, etc.) and legal industry compliance requirements
• Experience with SIEMs, firewalls, IDS/IPS, endpoint protection, and IAM systems
• Experience with security requirements related to client RFPs and third-party audits.
• Hands-on experience with cloud security (AWS, Azure)
• Experience with document management systems, legal practice management software and e-discovery tools is a plus

Required Skill and Abilities:

• Strong ethical compass and respect for confidentiality.
• Proactive mindset with excellent problem-solving skills.
• Ability to manage multiple priorities in a fast-paced environment.
• Strong project management and organizational skills.
• Excellent communication skills and the ability to present technical information to non-technical audiences

About Parker Hudson

Parker, Hudson, Rainer & Dobbs LLP is a mid-sized firm with an integrated collection of exceptional boutique practices. We are a firm of more than 60 lawyers passionately dedicated to helping our clients “go beyond”—break through barriers, surmount obstacles and exceed their own expectations. Companies of all sizes look to us for creative, interdisciplinary solutions to their most important problems. Our client service approach also goes beyond. Many of our lawyers left big firms in favor of close working relationships and deep involvement with the businesses we serve. As a result, we combine superior legal talent and work product with the fee structure and efficiencies of a mid-sized firm. From offices in Atlanta, Tallahassee, and Chicago, we work with businesses across the United States and around the world. Through our affiliation with Meritas, a highly selective association of 172 law firms in more than 89 countries, we can ensure top-quality legal representation wherever your business takes you.

Connections working at Parker Hudson