Information Security Manager
JobgetherThis position is posted by Jobgether on behalf of a partner company. We are currently looking for an Information Security Manager in the United States.
This role is responsible for leading and enhancing the organization’s information security program to protect sensitive data, systems, and client information. The Information Security Manager will serve as both a strategic advisor and hands-on technical leader, collaborating closely with IT, legal, and compliance teams. You will design, implement, and maintain security policies and controls, oversee risk assessments, and ensure compliance with industry frameworks and regulatory requirements. This position also includes mentoring security staff, leading incident response efforts, and driving continuous improvement in security posture. The role provides an opportunity to make a tangible impact on organizational resilience while working in a highly collaborative, dynamic environment with evolving cybersecurity challenges.
\n- Develop, implement, and maintain the firm’s information security program, policies, and procedures
- Conduct risk assessments, vulnerability testing, and penetration testing; manage mitigation and remediation efforts
- Lead incident response initiatives, including investigation, remediation, reporting, and tabletop exercises
- Oversee security awareness and training programs for staff and attorneys
- Manage security tools and technologies, including firewalls, endpoint protection, SIEM, and IAM systems
- Ensure compliance with NIST, ISO, HIPAA, and client confidentiality standards
- Collaborate with IT, Legal, and Compliance teams on security integration, vendor oversight, and cloud management
- Mentor and manage security staff, fostering development and operational excellence
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field (advanced degrees preferred)
- 7–10 years of progressive IT and information security experience, with at least 3 years in a leadership role
- Professional certifications (CISSP, CISM, CISA, GIAC, CompTIA Security+, GISO) are a plus
- Strong understanding of security frameworks and standards such as NIST, ISO 27001, and HIPAA
- Experience with law firm technology environments, including document management systems, practice management tools, cloud platforms, and eDiscovery systems
- Proven ability to lead incident response, risk management, and compliance initiatives
- Excellent interpersonal, communication, and presentation skills with both technical and non-technical stakeholders
- Strong critical thinking, problem-solving, and change leadership abilities
- Self-motivated, collaborative, and able to manage multiple priorities simultaneously
- Competitive salary with targeted range of $160,000–$175,000 based on experience
- Annual discretionary bonus eligibility
- Generous paid time off (vacation, personal days, holidays, sick leave)
- Firm-paid short and long-term disability, life, and accident insurance
- 401(k) Profit Sharing Plan and Cash Balance Retirement Plan with employer contributions
- Comprehensive medical, dental, and vision insurance options
- Flexible spending and health savings accounts
- Employee Assistance Program (EAP)
- Student loan refinancing discounts
- Fitness/gym dues reimbursement program
Why Apply Through Jobgether?
We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.
We appreciate your interest and wish you the best!
Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
#LI-CL1