Director, Cybersecurity and Privacy Risk Advisor

Paul Hastings is a leading international law firm that provides innovative legal solutions to many of the world's top financial institutions and Fortune Global 500 companies. With a strong presence throughout Asia, Europe, Latin America, and the U.S., we have the global reach and extensive capabilities to provide personalized service wherever our clients' needs take us. As one of the world's leading law firms, we seek dynamic individuals who share our commitment to service, innovation, and professional growth.

We have an opening for a Director, Cybersecurity and Privacy Risk Advisor.

The Director, Cybersecurity and Privacy Risk Advisor will lead the maturing of Information Security Governance and Risk functions. This includes managing the creation, renewal, and maintenance of all policies, standards, processes, and procedures in alignment with the Firm's Information Security Policy. This includes connecting workstreams, building relationships, coordinating and communicating with the broader organization, especially Privacy, IT, and the OGC.

In this capacity, the Director, Cybersecurity and Privacy Risk Advisor will:

• Coordinate Information Security Governance and Risk work streams and establish prioritization of key activities;
• Formalize cyber risk controls as managed within ISO framework for standards and policy, NIST controls and cyber risk assessments, including controls managed within the Information Security Policy;
• Lead efforts within the team to maintain controls, standards and policies for meeting compliance and continuous control monitoring as part of reporting and metrics;
• Facilitate discussions and communication between governance and risk management process related to information security and IT controls activities;
• Establish library of process and procedures aligned with set of controls and tailor the controls as needed to the risk; and
• Establish goals and develop plans to continually improve Information Security Governance and Risk services leveraging timely delivery and management methodologies.

Proficiencies:

• Demonstrates proven thought leader abilities, competencies and success solving complex IT-risk management issues;
• Experience with the identification, development, and oversight of cybersecurity policy, processes, and procedures;
• Knowledge of tools and technology to provide data analytics and business intelligence on cyber threats, risks and vulnerabilities;
• Ability to prepare concise and accurate documents using MS Office to complete project deliverables;
• Demonstrates proven thought leadership abilities with directing and business functions and teams;
• Creates positive working environment by monitoring and managing workloads of the team while balancing expectations;
• Provides candid, meaningful feedback in a timely manner to team members while keeping leadership informed of progress and issues; and
• Ability to communicate effectively across the organization and build strong partnerships with other teams.

Qualifications:

• Bachelor's degree;
• Proven experience in a similar role;
• At least 15 years' work experience, ideally in the Information Technology or Information Security sector;
• At least 8 years' experience in a professional services or legal environment (preferred);
• At least 10 years' supervisory experience;
• Expert knowledge of project management best practices; and
• Working knowledge of NIST Cybersecurity Framework (CSF) and IT Service Management (ITSM).

Employees will be provided with an excellent career opportunity in a collaborative environment, in addition to a generous total compensation package with the opportunity to earn bonuses based on individual contribution and firm profitability.

Eligible employees can participate in the Firm's comprehensive benefits program, which include the following:

• Medical, Dental, Vision, Life/AD&D, Long Term Care, and Short- and Long-Term Disability
• Flexible Spending Account and Health Savings Account
• Healthcare Concierge and Advocacy
• Lifestyle Spending Account
• Voluntary 401(k) Plan and Profit Sharing
• 10 Paid Holidays per year and a generous PTO Program
• Family Support including Paid Parental Leave, Fertility Benefits, Breast Milk Shipping, Back-up Child Care, Elder Care, and Tutoring
• Wellbeing programs (Employee Assistance Program, Relationship Support, Mental Health and Well-Being Events)
• Retirement Plan Consulting
• Anniversary Bonus Program
• Professional Development Programs
• Transportation and Commuter Benefits
• International Travel Insurance
• Auto/Home/Pet Insurance
• Prepaid Legal Insurance
• Employee Discounts
• And More!

The Firm has a range of diversity initiatives including our Paul Hastings Affinity Networks (PHANs), Women's Initiative, and PH Balanced. These initiatives provide a firmwide forum to share experiences, as well as an opportunity to participate in a supportive network with common interests to help make life at the firm more inclusive. Learn more about our Global Diversity, Inclusion and Wellness Initiatives here.

Paul Hastings LLP is an equal employment and affirmative action employer F/M/Disability/Vet/Sexual Orientation/Gender Identity.