Prestigious law firm in midtown Manhattan is seeking an Information Security Manager.
Responsibilities:
- Develop and maintain the firm’s information security policies, standards, and procedures
- Develop, implement, and maintain a comprehensive information security program that aligns with the firm’s strategic objectives and client confidentiality obligations
- Assess and manage cybersecurity risks; conduct vulnerability assessments and penetration testing
- Ensure compliance with NIST, ISO, HIPAA, and client confidentiality obligations
- Oversee (develop and maintain) security policies, procedures, training, and awareness programs for attorneys and staff
- Collaborate with IT, Legal, and Compliance teams on security integration, vendor oversight, and cloud management
Requirements:
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field required (advanced degrees are preferred)
- CISSP, CISM, CISA, GIAC, CompTIA Security+, or GISO certifications are a plus
- Minimum 7–10 years of progressive IT and information security experience, with at least 3 years in a leadership role
- Proven expertise with security frameworks and standards such as NIST, ISO 27001, and HIPAA
- Demonstrated ability to lead incident response, risk management, and compliance efforts
- Self-motivated, with the ability to work independently but within a team environment