Pillsbury Winthrop Shaw Pittman LLP
Director - IT Security
Pillsbury Winthrop Shaw Pittman LLP, Nashville, Tennessee, United States, 37247
The Director, IT Security will set and drive the Global Cybersecurity Strategy. This role is responsible for leading the development and continuous evolution of a comprehensive, firm-wide cybersecurity strategy that aligns with the unique needs of an international law firm and its clients, with a strong emphasis on data confidentiality, integrity, and regulatory compliance across jurisdictions.
KEY RESPONSIBILITIES
Architect Cloud-focused and Zero Trust Security Models:
Champion the transition to a secure, cloud-focused environment by designing and implementing modern, scalable architectures such as Zero Trust, tailored to hybrid legal workflows and geographically distributed operations. Steer Enterprise Security Governance : Establish and enforce robust security governance frameworks, policies, and risk management protocols that are consistent with industry best practices (e.g., NIST, ISO 27001) and address the complex legal and ethical obligations inherent in client data protection. Lead Threat Intelligence and Incident Readiness Programs : Oversee global threat intelligence gathering and proactive risk mitigation initiatives. Ensure the firm is prepared to respond decisively to sophisticated cyber threats, including ransomware, nation-state attacks, and third-party breaches. Oversee Business Continuity and Disaster Recovery Planning : Lead the firm’s global business continuity and disaster recovery (BC/DR) strategy, ensuring resilience of critical legal services and IT operations. Conduct regular risk assessments, testing, and scenario planning to minimize disruption and uphold client obligations in the face of cyber, operational, or natural disasters. Enable Secure Innovation and Digital Transformation : Partner with firm leadership, legal practice groups, and IT to embed security by design into new technology initiatives, ensuring secure client collaboration, remote work capabilities, and digital service delivery. Cultivate Cross-Functional and International Collaboration : Build strong working relationships with legal, compliance, privacy, and risk management teams across regions. Provide executive-level insights to align security objectives with the firm’s strategic goals and client commitments. Foster a Culture of Security Awareness and Resilience : Drive firmwide education and awareness programs tailored to the legal sector. Promote a culture where cybersecurity is a shared responsibility, reinforced through training, simulations, and leadership visibility. REQUIRED EDUCATION, KNOWLEDGE & EXPERIENCE Bachelor’s degree in Computer Science, Information Security, or a related field. Minimum of ten years’ experience in information security, with at least 5 years in a senior architect or equivalent role. Experience in legal or other highly regulated industries is preferred. REQUIRED SKILLS AND ABILITIES Detailed knowledge of modern cyber technologies and tools. Familiarity with security frameworks. Proven expertise in designing and implementing security controls, particularly within Microsoft 365 and Azure environments. Hands-on experience with threat modeling, risk assessments, and vulnerability management in hybrid IT environments. Exceptional communication and collaboration skills, with the ability to engage effectively with both technical and non-technical stakeholders. Strong analytical and problem-solving skills. A proactive mindset with a focus on driving security innovation and operational excellence. Self-starter with the ability to work independently and lead strategic initiatives. Detail-oriented with a commitment to delivering high-quality results. Adaptability to a fast-paced and dynamic environment. PHYSICAL REQUIREMENTS Ability to sit and stand for extended periods. Ability to lift up to 25 pounds. Pillsbury Winthrop Shaw Pittman LLP is an Equal Opportunity Employer. Weset ahigh bar forclient service and regularly ask clients how we can do better.Our responsiveness has placed us among the
Top 25 Most Recommended Law Firms Among GCs
for five years running in BTI’s benchmark survey of corporate counsel. Benefits - Transparency Rule
This link leads to the machine readable files that are made available in response to the federal Transparency in Coverage Rule and includes negotiated service rates and out-of-network allowed amounts between health plans and healthcare providers. The machine-readable files are formatted to allow researchers, regulators and application developers to more easily access and analyze data.
#J-18808-Ljbffr
Champion the transition to a secure, cloud-focused environment by designing and implementing modern, scalable architectures such as Zero Trust, tailored to hybrid legal workflows and geographically distributed operations. Steer Enterprise Security Governance : Establish and enforce robust security governance frameworks, policies, and risk management protocols that are consistent with industry best practices (e.g., NIST, ISO 27001) and address the complex legal and ethical obligations inherent in client data protection. Lead Threat Intelligence and Incident Readiness Programs : Oversee global threat intelligence gathering and proactive risk mitigation initiatives. Ensure the firm is prepared to respond decisively to sophisticated cyber threats, including ransomware, nation-state attacks, and third-party breaches. Oversee Business Continuity and Disaster Recovery Planning : Lead the firm’s global business continuity and disaster recovery (BC/DR) strategy, ensuring resilience of critical legal services and IT operations. Conduct regular risk assessments, testing, and scenario planning to minimize disruption and uphold client obligations in the face of cyber, operational, or natural disasters. Enable Secure Innovation and Digital Transformation : Partner with firm leadership, legal practice groups, and IT to embed security by design into new technology initiatives, ensuring secure client collaboration, remote work capabilities, and digital service delivery. Cultivate Cross-Functional and International Collaboration : Build strong working relationships with legal, compliance, privacy, and risk management teams across regions. Provide executive-level insights to align security objectives with the firm’s strategic goals and client commitments. Foster a Culture of Security Awareness and Resilience : Drive firmwide education and awareness programs tailored to the legal sector. Promote a culture where cybersecurity is a shared responsibility, reinforced through training, simulations, and leadership visibility. REQUIRED EDUCATION, KNOWLEDGE & EXPERIENCE Bachelor’s degree in Computer Science, Information Security, or a related field. Minimum of ten years’ experience in information security, with at least 5 years in a senior architect or equivalent role. Experience in legal or other highly regulated industries is preferred. REQUIRED SKILLS AND ABILITIES Detailed knowledge of modern cyber technologies and tools. Familiarity with security frameworks. Proven expertise in designing and implementing security controls, particularly within Microsoft 365 and Azure environments. Hands-on experience with threat modeling, risk assessments, and vulnerability management in hybrid IT environments. Exceptional communication and collaboration skills, with the ability to engage effectively with both technical and non-technical stakeholders. Strong analytical and problem-solving skills. A proactive mindset with a focus on driving security innovation and operational excellence. Self-starter with the ability to work independently and lead strategic initiatives. Detail-oriented with a commitment to delivering high-quality results. Adaptability to a fast-paced and dynamic environment. PHYSICAL REQUIREMENTS Ability to sit and stand for extended periods. Ability to lift up to 25 pounds. Pillsbury Winthrop Shaw Pittman LLP is an Equal Opportunity Employer. Weset ahigh bar forclient service and regularly ask clients how we can do better.Our responsiveness has placed us among the
Top 25 Most Recommended Law Firms Among GCs
for five years running in BTI’s benchmark survey of corporate counsel. Benefits - Transparency Rule
This link leads to the machine readable files that are made available in response to the federal Transparency in Coverage Rule and includes negotiated service rates and out-of-network allowed amounts between health plans and healthcare providers. The machine-readable files are formatted to allow researchers, regulators and application developers to more easily access and analyze data.
#J-18808-Ljbffr