The Opportunity

The Director of IT Security & Risk manages and secures the firm’s technology and information by designing, implementing, and enforcing security controls, safeguards, policies, and procedures. This role also involves risk assessment, security implementation, staff training, coordination with IT management, compliance assurance, and policy enforcement.

The Day-To-Day

On any given day, you will:

• Oversee the security team, monitor daily performance, and address deficiencies promptly
• Participate in firm-wide IT strategic planning
• Review, implement, update and manage document framework for firm wide information technology security policies and procedures, standards, and operating guidelines
• Manage the firm’s security incident, detections and response systems, processes, and procedures; manage the investigation and response to security incidents
• Continuously validate the firm against policies, guidelines, procedures, regulations, laws to ensure risk mitigation and compliance where applicable
• Reviewing, implementing, updating and documenting framework for firm wide information technology security policies and procedures, standards and operating guidelines.
• Manage the firm’s security incident, detections and response systems, processes and procedures; manage the investigation and response to security incidents.
• Continuously validate the firm against policies, guidelines, procedures, regulations, laws to ensure risk mitigation and compliance where applicable.
• Review and Risk Score all new technologies and services to ensure compliance to the firm’s security and risk framework.
• Manage the security training and awareness program
• Manage the Client Audit process to a successful completion working with the office of General Counsel, client relationship partner and the client.
• Manage and ensure that security audits, tests, and reviews are reviewed coordinated, conducted and on a scheduled basis. This includes interfacing with the firm’s clients to facilitate their audit and RFP processes.
• Ensure that security technology and practice requirements are integrated into the continuity planning
• Manage regular internal and third-party security audits; manage regular penetration tests, vulnerability scans, etc.
• Work with the Director of IT to maintain budgets for security operations and monitor associated expenses
• Innovation and Optimization: Recommending and implementing optimizations based on knowledge of the firm, associated technologies and internal environment
• Advise TSG and other Administrative department leaders when evaluating new technology platforms and services for the Firm.

You Have

• A bachelor's degree or equivalent experience
• Effective interpersonal and communication skills, both verbally and in writing
• Close attention to detail
• Ability to handle sensitive matters and maintain confidentiality
• Ability to handle multiple assignments and shifting priorities
• Ability to organize and prioritize work
• Ability to work well in a demanding and fast-paced environment
• Ability to work independently as well as effectively within a team
• A commitment to quality of finished product
• Ability to problem solve
• Strong ability to adapt to changing technology within a professional services organization.
• Knowledge of best practices for maintaining security of Firm systems

About Seyfarth Shaw LLP

At Seyfarth, we understand that great people are the key to our success, and we provide the opportunities to match. If you join us, you’ll work with state-of-the-art technology in a friendly and professional environment, and we will continue to invest in your professional development. If you want the freedom to grow at a firm that is invested in your future, please apply.

Connections working at Seyfarth Shaw LLP