Pillsbury Winthrop Shaw Pittman
Director - IT Security
Pillsbury Winthrop Shaw Pittman, Nashville, Tennessee, United States, 37247
Nashville, Tennessee
Job Description
The Director, IT Security will set and drive the Global Cybersecurity Strategy. This role is responsible for leading the development and continuous evolution of a comprehensive, firm-wide cybersecurity strategy that aligns with the unique needs of an international law firm and its clients, with a strong emphasis on data confidentiality, integrity, and regulatory compliance across jurisdictions.
KEY RESPONSIBILITIES
Architect Cloud-focused and Zero Trust Security Models:
Champion the transition to a secure, cloud-focused environment by designing and implementing modern, scalable architectures such as Zero Trust, tailored to hybrid legal workflows and geographically distributed operations.
Steer Enterprise Security Governance : Establish and enforce robust security governance frameworks, policies, and risk management protocols that are consistent with industry best practices (e.g., NIST, ISO 27001) and address the complex legal and ethical obligations inherent in client data protection.
Lead Threat Intelligence and Incident Readiness Programs : Oversee global threat intelligence gathering and proactive risk mitigation initiatives. Ensure the firm is prepared to respond decisively to sophisticated cyber threats, including ransomware, nation-state attacks, and third-party breaches.
Oversee Business Continuity and Disaster Recovery Planning : Lead the firm's global business continuity and disaster recovery (BC/DR) strategy, ensuring resilience of critical legal services and IT operations. Conduct regular risk assessments, testing, and scenario planning to minimize disruption and uphold client obligations in the face of cyber, operational, or natural disasters.
Enable Secure Innovation and Digital Transformation : Partner with firm leadership, legal practice groups, and IT to embed security by design into new technology initiatives, ensuring secure client collaboration, remote work capabilities, and digital service delivery.
Cultivate Cross-Functional and International Collaboration : Build strong working relationships with legal, compliance, privacy, and risk management teams across regions. Provide executive-level insights to align security objectives with the firm's strategic goals and client commitments.
Foster a Culture of Security Awareness and Resilience : Drive firmwide education and awareness programs tailored to the legal sector. Promote a culture where cybersecurity is a shared responsibility, reinforced through training, simulations, and leadership visibility.
REQUIRED EDUCATION, KNOWLEDGE & EXPERIENCE
Bachelor's degree in Computer Science, Information Security, or a related field.
Minimum of ten years' experience in information security, with at least 5 years in a senior architect or equivalent role.
Experience in legal or other highly regulated industries is preferred.
REQUIRED SKILLS AND ABILITIES
Detailed knowledge of modern cyber technologies and tools.
Familiarity with security frameworks.
Proven expertise in designing and implementing security controls, particularly within Microsoft 365 and Azure environments.
Hands-on experience with threat modeling, risk assessments, and vulnerability management in hybrid IT environments.
Exceptional communication and collaboration skills, with the ability to engage effectively with both technical and non-technical stakeholders.
Strong analytical and problem-solving skills.
A proactive mindset with a focus on driving security innovation and operational excellence.
Self-starter with the ability to work independently and lead strategic initiatives.
Detail-oriented with a commitment to delivering high-quality results.
Adaptability to a fast-paced and dynamic environment.
PHYSICAL REQUIREMENTS
Ability to sit and stand for extended periods.
Ability to lift up to 25 pounds.
Pillsbury Winthrop Shaw Pittman LLP is an Equal Opportunity Employer.
If you require an accommodation in order to apply for a position, please contact us at PillsburyWorkday@pillsburylaw.com.
Job Description
The Director, IT Security will set and drive the Global Cybersecurity Strategy. This role is responsible for leading the development and continuous evolution of a comprehensive, firm-wide cybersecurity strategy that aligns with the unique needs of an international law firm and its clients, with a strong emphasis on data confidentiality, integrity, and regulatory compliance across jurisdictions.
KEY RESPONSIBILITIES
Architect Cloud-focused and Zero Trust Security Models:
Champion the transition to a secure, cloud-focused environment by designing and implementing modern, scalable architectures such as Zero Trust, tailored to hybrid legal workflows and geographically distributed operations.
Steer Enterprise Security Governance : Establish and enforce robust security governance frameworks, policies, and risk management protocols that are consistent with industry best practices (e.g., NIST, ISO 27001) and address the complex legal and ethical obligations inherent in client data protection.
Lead Threat Intelligence and Incident Readiness Programs : Oversee global threat intelligence gathering and proactive risk mitigation initiatives. Ensure the firm is prepared to respond decisively to sophisticated cyber threats, including ransomware, nation-state attacks, and third-party breaches.
Oversee Business Continuity and Disaster Recovery Planning : Lead the firm's global business continuity and disaster recovery (BC/DR) strategy, ensuring resilience of critical legal services and IT operations. Conduct regular risk assessments, testing, and scenario planning to minimize disruption and uphold client obligations in the face of cyber, operational, or natural disasters.
Enable Secure Innovation and Digital Transformation : Partner with firm leadership, legal practice groups, and IT to embed security by design into new technology initiatives, ensuring secure client collaboration, remote work capabilities, and digital service delivery.
Cultivate Cross-Functional and International Collaboration : Build strong working relationships with legal, compliance, privacy, and risk management teams across regions. Provide executive-level insights to align security objectives with the firm's strategic goals and client commitments.
Foster a Culture of Security Awareness and Resilience : Drive firmwide education and awareness programs tailored to the legal sector. Promote a culture where cybersecurity is a shared responsibility, reinforced through training, simulations, and leadership visibility.
REQUIRED EDUCATION, KNOWLEDGE & EXPERIENCE
Bachelor's degree in Computer Science, Information Security, or a related field.
Minimum of ten years' experience in information security, with at least 5 years in a senior architect or equivalent role.
Experience in legal or other highly regulated industries is preferred.
REQUIRED SKILLS AND ABILITIES
Detailed knowledge of modern cyber technologies and tools.
Familiarity with security frameworks.
Proven expertise in designing and implementing security controls, particularly within Microsoft 365 and Azure environments.
Hands-on experience with threat modeling, risk assessments, and vulnerability management in hybrid IT environments.
Exceptional communication and collaboration skills, with the ability to engage effectively with both technical and non-technical stakeholders.
Strong analytical and problem-solving skills.
A proactive mindset with a focus on driving security innovation and operational excellence.
Self-starter with the ability to work independently and lead strategic initiatives.
Detail-oriented with a commitment to delivering high-quality results.
Adaptability to a fast-paced and dynamic environment.
PHYSICAL REQUIREMENTS
Ability to sit and stand for extended periods.
Ability to lift up to 25 pounds.
Pillsbury Winthrop Shaw Pittman LLP is an Equal Opportunity Employer.
If you require an accommodation in order to apply for a position, please contact us at PillsburyWorkday@pillsburylaw.com.