What are the responsibilities and job description for the Director, Information Security Architect position at Paul Hastings LLP?
Paul Hastings is a leading international law firm that provides innovative legal solutions to many of the world's top financial institutions and Fortune Global 500 companies. With a strong presence throughout Asia, Europe, Latin America, and the U.S., we have the global reach and extensive capabilities to provide personalized service wherever our clients' needs take us. As one of the world's leading law firms, we seek dynamic individuals who share our commitment to service, innovation, and professional growth.
We have an opening for a Director, Information Security Architect to join our global legal organization.
The Director, Information Security Architect will directly report to the CISO and will play a pivotal role in shaping the firm's security architecture as we transition from traditional on-premises environments to a cloud-first model centered on Microsoft 365. This position requires a deep understanding of cloud security, enterprise-scale cyber technologies, and strong collaboration with cross-functional teams.
In this capacity, the Director, Information Security Architect will:
- Design and oversee the firm's information security architecture, focusing on cloud-first solutions (e.g., Microsoft 365, Azure, etc.) while ensuring seamless integration with on-premises environments;
- Evaluate, recommend, and implement cutting-edge tools to enhance the firm's cyber defense capabilities, including areas such as CSPM (Cloud Security Posture Management) and SSPM (SaaS Security Posture Management);
- Architect and design solutions that align with the principles of Zero Trust including, but not limited to SASE (secure access edge service) and ZTNA (zero trust network access);
- Collaborate closely with the Cyber Engineering and Operations teams to ensure the architecture supports operational needs and aligns with security objectives;
- Conduct security assessments of existing and proposed systems, identifying gaps and recommending solutions that meet compliance, legal, and risk management requirements;
- Develop and maintain comprehensive documentation of security architecture, design principles, and system configurations;
- Act as the subject matter expert on cloud security, network, endpoint, mobile, and data security by providing guidance and mentorship to teams across the organization;
- Stay current with emerging security threats, trends, and technologies, ensuring the firm's architecture remains robust and adaptive to evolving risks; and
- Engage with stakeholders, including IT, legal, and compliance teams, to align security objectives with broader organizational goals.
Proficiencies:
- Familiarity with security frameworks such as NIST CSF, ISO 27001, and CIS Critical Security Controls;
- Proven expertise in designing and implementing cloud security controls, particularly within Microsoft 365 and Azure environments;
- Hands-on experience with threat modeling, risk assessments, and vulnerability management in hybrid IT environments;
- Exceptional communication and collaboration skills, with the ability to engage effectively with both technical and non-technical stakeholders;
- Strong analytical and problem-solving abilities;
- A proactive mindset with a focus on driving security innovation and operational excellence;
- Self-starter with the ability to work independently and lead strategic initiatives;
- Detail-oriented with a commitment to delivering high-quality results; and
- Adaptability to a fast-paced and dynamic work environment.
Qualifications:
- Bachelor's degree in Computer Science, Information Security or a related field (required); Master's degree (preferred);
- 10 years of progressive experience in information security, with at least 5 years in a senior architect or equivalent role (required);
- Experience in legal or other highly regulated industries is a plus, but not required;
- Relevant certifications such as CISSP, CISM, CCSP, or Azure Security Engineer are strongly preferred; and
- Strong knowledge of modern cyber technologies and tools, including but not limited to CSPM, SSPM, EDR, SIEM, and CASB.
Employees will be provided with an excellent career opportunity in a collaborative environment, in addition to a generous total compensation package with the opportunity to earn bonuses based on individual contribution and firm profitability.
Eligible employees can participate in the Firm's comprehensive benefits program, which include the following:
- Medical, Dental, Vision, Life/AD&D, Long Term Care, and Short and Long Term Disability
- Flexible Spending Account and Health Savings Account
- Healthcare Concierge and Advocacy
- Voluntary 401k Plan and Profit Sharing
- 10 Paid Holidays per year and a generous PTO program
- Family Support including Pediatric Mental Health and Parental Support, Paid Parental Leave, Fertility Benefits, and Breast Milk Shipping
- Back-up Child Care, Elder Care, and Tutoring
- Wellness Programs (Employee Assistance Program, Mental Health, and Well-Being Events)
- Retirement Plan Consulting
- Anniversary Bonus Program
- Professional Development Programs
- Transportation Allowance and Commuter Benefits
- International Travel Insurance
- Auto/Home/Legal Insurance
- Pet Insurance
- Employee discounts
- And more!
The Firm has a range of diversity initiatives including our Paul Hastings Affinity Networks (PHANs), Women's Initiative, and PH Balanced. These initiatives provide a firmwide forum to share experiences, as well as an opportunity to participate in a supportive network with common interests to help make life at the firm more inclusive. Learn more about our Global Diversity, Inclusion and Wellness Initiatives here.
Paul Hastings LLP is an equal employment and affirmative action employer F/M/Disability/Vet/Sexual Orientation/Gender Identity.
