Pillsbury Winthrop Shaw Pittman
Director - IT Security
Pillsbury Winthrop Shaw Pittman, Nashville, Tennessee, United States, 37247
Nashville, Tennessee
Job Description
The Director of IT Security is a senior leader responsible for designing, managing, and executing the firm's technical cybersecurity strategy and operations. This role focuses on real-time threat detection, response, prevention, and security engineering, ensuring the integrity, confidentiality, and availability of the firm's digital assets across a global environment.
This position leads a team responsible for cyber defense operations, incident response, vulnerability management, and secure infrastructure engineering. It works in close partnership with the Director of GRC and the Senior Director of Technology.
This is a highly collaborative role requiring the ability to foster strong partnerships across technical and non-technical teams. Exceptional communication skills are essential to effectively
convey complex security concepts and coordinate seamlessly with stakeholders at all levels.
KEY RESPONSIBILITIES
Cybersecurity Strategy & Leadership
Develop and lead a proactive cybersecurity strategy grounded in real-time threat intelligence, detection, and rapid mitigation.
Act as the firm's authoritative voice on active threats, delivering clear, accurate, and timely notifications to firm leadership, including Executive Committee and General Counsel, as necessary.
Establish robust executive communication protocols for threat alerting, escalation, and resolution tracking.
Drive alignment of the security program with business priorities and client obligations.
Oversee selection and optimization of security platforms and services.
Manage vendor relationships with MSSPs, MDR providers, and technology partners.
Continuously improve metrics and reporting to measure security posture and readiness.
Cybersecurity Architecture & Engineering
Design and maintain a modern security architecture across cloud and on-prem environments (e.g., Microsoft 365, Azure, endpoint, and perimeter).
Oversee implementation of secure network, identity, and endpoint solutions.
Evaluate and deploy next-generation security tools including EDR, XDR, SOAR, and Zero Trust models.
Security Operations Center (SOC) & Threat Detection
Lead global 24x7 security operations, managing internal and outsourced SOC providers.
Develop playbooks and automation pipelines for threat detection, alert triage, and incident response.
Oversee log management and SIEM tuning to reduce noise and improve response precision.
Incident Response & Forensics
Own the end-to-end incident response process, including containment, eradication, and root cause analysis.
Lead technical response to security breaches, ransomware events, or advanced persistent threats.
Conduct post-incident reviews and implement lessons learned.
Technical Vulnerability & Patch Management
Oversee vulnerability scanning, penetration testing, and remediation processes.
Ensure timely patching of critical systems in coordination with infrastructure and application teams.
Maintain current risk posture visibility through dashboards and metrics.
Identity & Access Security
Implement and monitor identity governance frameworks, privileged access management, and single sign-on controls.
Enforce least-privilege and role-based access design for internal and external users.
REQUIRED EDUCATION, KNOWLEDGE & EXPERIENCE
Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or equivalent.
Minimum 8 years of experience in information security with 5+ years in a technical leadership role.
Certifications: CISSP, GIAC (GCIH, GCIA), OSCP, or related technical security credentials preferred
REQUIRED SKILLS AND ABILITIES
Demonstrated expertise in threat detection, escalation, and executive-level communication in high-stakes environments.
Strong hands-on knowledge of security operations, network/cloud security, and incident response.
Experience in legal, professional services, or highly regulated global environments.
PHYSICAL REQUIREMENTS
Ability to sit and stand for extended periods.
Ability to lift up to 25 pounds.
Pillsbury Winthrop Shaw Pittman LLP is an Equal Opportunity Employer.
If you require an accommodation in order to apply for a position, please contact us at PillsburyWorkday@pillsburylaw.com.
Job Description
The Director of IT Security is a senior leader responsible for designing, managing, and executing the firm's technical cybersecurity strategy and operations. This role focuses on real-time threat detection, response, prevention, and security engineering, ensuring the integrity, confidentiality, and availability of the firm's digital assets across a global environment.
This position leads a team responsible for cyber defense operations, incident response, vulnerability management, and secure infrastructure engineering. It works in close partnership with the Director of GRC and the Senior Director of Technology.
This is a highly collaborative role requiring the ability to foster strong partnerships across technical and non-technical teams. Exceptional communication skills are essential to effectively
convey complex security concepts and coordinate seamlessly with stakeholders at all levels.
KEY RESPONSIBILITIES
Cybersecurity Strategy & Leadership
Develop and lead a proactive cybersecurity strategy grounded in real-time threat intelligence, detection, and rapid mitigation.
Act as the firm's authoritative voice on active threats, delivering clear, accurate, and timely notifications to firm leadership, including Executive Committee and General Counsel, as necessary.
Establish robust executive communication protocols for threat alerting, escalation, and resolution tracking.
Drive alignment of the security program with business priorities and client obligations.
Oversee selection and optimization of security platforms and services.
Manage vendor relationships with MSSPs, MDR providers, and technology partners.
Continuously improve metrics and reporting to measure security posture and readiness.
Cybersecurity Architecture & Engineering
Design and maintain a modern security architecture across cloud and on-prem environments (e.g., Microsoft 365, Azure, endpoint, and perimeter).
Oversee implementation of secure network, identity, and endpoint solutions.
Evaluate and deploy next-generation security tools including EDR, XDR, SOAR, and Zero Trust models.
Security Operations Center (SOC) & Threat Detection
Lead global 24x7 security operations, managing internal and outsourced SOC providers.
Develop playbooks and automation pipelines for threat detection, alert triage, and incident response.
Oversee log management and SIEM tuning to reduce noise and improve response precision.
Incident Response & Forensics
Own the end-to-end incident response process, including containment, eradication, and root cause analysis.
Lead technical response to security breaches, ransomware events, or advanced persistent threats.
Conduct post-incident reviews and implement lessons learned.
Technical Vulnerability & Patch Management
Oversee vulnerability scanning, penetration testing, and remediation processes.
Ensure timely patching of critical systems in coordination with infrastructure and application teams.
Maintain current risk posture visibility through dashboards and metrics.
Identity & Access Security
Implement and monitor identity governance frameworks, privileged access management, and single sign-on controls.
Enforce least-privilege and role-based access design for internal and external users.
REQUIRED EDUCATION, KNOWLEDGE & EXPERIENCE
Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or equivalent.
Minimum 8 years of experience in information security with 5+ years in a technical leadership role.
Certifications: CISSP, GIAC (GCIH, GCIA), OSCP, or related technical security credentials preferred
REQUIRED SKILLS AND ABILITIES
Demonstrated expertise in threat detection, escalation, and executive-level communication in high-stakes environments.
Strong hands-on knowledge of security operations, network/cloud security, and incident response.
Experience in legal, professional services, or highly regulated global environments.
PHYSICAL REQUIREMENTS
Ability to sit and stand for extended periods.
Ability to lift up to 25 pounds.
Pillsbury Winthrop Shaw Pittman LLP is an Equal Opportunity Employer.
If you require an accommodation in order to apply for a position, please contact us at PillsburyWorkday@pillsburylaw.com.