Wilmer Cutler Pickering Hale and Dorr LLP is hiring: Director, Information Secur
Wilmer Cutler Pickering Hale and Dorr LLP, Miamisburg, OH, United States
Tracking Code 2130-437 Job Description WilmerHale is a leading, full-service international law firm with 1,000 lawyers located throughout 12 offices in the United States, Europe and Asia. Our lawyers work at the intersection of government, technology and business, and we remain committed to our guiding principles of providing quality, excellent legal and client services; developing diversity among our lawyers and staff and cultivating an environment that promotes an ambitious spirit, collaboration and collegiality by drawing on the extraordinary talents and dynamic experience of our lawyers. Our goal is to reflect the diversity of our clients and the communities in which we practice. What You Will Be Doing The Director, Information Security is responsible for directing IS strategy and activities related to information security. The Director provides leadership and direction to a team responsible for developing and implementing an overall enterprise security strategy, program, and architecture that minimizes information related loss and meets client and regulatory requirements. Develops, monitors and enforces firm-wide information security policies to ensure that appropriate access to, and the confidentiality of firm, client and private information is maintained. Conducts information risk assessments as an integral part of business planning involving General Counsel, internal experts and business owners as required. Serves as a liaison to firm clients in all matters of information security including completion of client audits and review of RFPs and outside counsel guidelines. Leads and coordinates the firm's tactical and operational response to information security incidents. Identifies and reports on information security incidents to firm management. Manages organizational risk by ensuring the protection of the enterprise infrastructure with a layered system of technical defenses including firewalls, intrusion detection and prevention, antivirus, and content monitoring. Provides risk review and approval of changes to systems, applications and facilities. Leads the evaluation and recommendation of security products, services and/or procedures to enhance productivity and effectiveness. Leads risk assessments of firm vendors and solution providers. Oversees and conducts security awareness programs and provides education on security policies and practices. Ensures that staff members are providing quality service to internal members/departments of the Firm as well as external clients and vendors by displaying professionalism via electronic and print correspondence, over the telephone and in-person and by encouraging an atmosphere that rewards a "can do" attitude. About The Role Manages Information Security staff, including scheduling, performance evaluation, salary recommendation and related personnel actions. Identifies areas of risk to firm, client and private information and leads risk assessments to determine appropriate remediation, serving as a liaison to General Counsel in this regard. Works directly with firm clients to address information security concerns and complete written and in-house security audits, negotiating and implementing requested security training and technical measures. Works with the business to review Outside Counsel Guidelines and Requests for Proposal, confirming the firm's ability to meet requirements and requesting changes as warranted. Directs firm activities and resources to achieve and maintain compliance with information security standards such as state and federal privacy laws, ISO 27002/1, and General Data Protection Regulation. Leads and coordinates the firm's operational response to information security incidents that threaten firm, client and private information, directing forensics and organizing communications. Identifies and reports on information security incidents to firm management. Approves ch