Information Security Manager

This position is posted by Jobgether on behalf of a partner company. We are currently looking for an Information Security Manager in United States.

As an Information Security Manager, you will be responsible for shaping and overseeing the firm’s comprehensive information security program, ensuring the confidentiality, integrity, and availability of critical data and systems. You will work closely with IT leadership, legal teams, and executive management to implement security strategies that align with organizational goals and regulatory requirements. This role combines hands-on technical leadership, strategic planning, and team mentorship to safeguard sensitive information while enabling business operations. The position offers the opportunity to lead cybersecurity initiatives, manage risk, and continuously improve security processes in a dynamic, fast-paced professional environment.

• Develop, implement, and maintain information security policies, standards, and procedures aligned with organizational objectives.
• Lead the firm’s comprehensive information security program, ensuring compliance with NIST, ISO, HIPAA, and client confidentiality obligations.
• Conduct risk assessments, vulnerability testing, and penetration testing, managing mitigation and remediation efforts.
• Manage incident response efforts, including investigation, remediation, reporting, and development of response playbooks.
• Oversee security tools such as firewalls, endpoint protection, SIEM, IAM, and cloud security solutions.
• Provide security training, awareness programs, and guidance to attorneys, staff, and vendors.
• Collaborate with IT, Legal, and Compliance teams to integrate security measures and manage vendor relationships.
• Mentor and manage security staff, promoting a culture of continuous improvement and cybersecurity excellence.

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field; advanced degrees preferred.
• 7–10 years of progressive IT and information security experience, with at least 3 years in a leadership role.
• Strong knowledge of security frameworks and standards such as NIST, ISO 27001, and HIPAA.
• Experience in law firm or professional services technology environments, including document management, practice management, cloud platforms, and eDiscovery systems.
• Demonstrated ability to lead incident response, risk management, and compliance initiatives.
• CISSP, CISM, CISA, GIAC, CompTIA Security+, or GISO certifications are a plus.
• Excellent verbal and written communication skills, with the ability to present complex security topics to non-technical stakeholders.
• Strong critical thinking, problem-solving, and project management skills, with the ability to manage multiple priorities effectively.
• Self-motivated and able to work independently while fostering collaboration across teams.

• Competitive salary with targeted range of $160,000–$175,000, with performance-based bonus eligibility.
• Generous paid time off including vacation, personal days, holidays, and sick leave.
• Comprehensive medical, dental, and vision insurance options.
• Firm-paid life, accident, short-term, and long-term disability insurance.
• 401(k) Profit Sharing Plan and Cash Balance Retirement Plan with employer contributions.
• Employee Assistance Program (EAP) and wellness initiatives.
• Student loan refinancing assistance and fitness/gym reimbursement programs.
• Hybrid work schedules with partial in-office presence (per policy).

Why Apply Through Jobgether?

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

#LI-CL1