Dechert LLP

DirectorofITSecurity&RiskManagement

$225–325k ~AI est. Philadelphia, Pennsylvania, United States FULL TIME Remote Friendly
The Brief

“Director of IT Security & Risk Management at Dechert LLP. Skills: Information Security, Risk Management, Cybersecurity Governance. Lead global information security program. Develop forward-looking security strategy”

Industry & Context.

Problems you'll solve

Risk mitigation strategies

What They're Looking For.

Must Have

Relevant BS / BA degree, 10+ years of experience in Information Security, 5+ years in a Security leadership role, Knowledge of enterprise data centers, Knowledge of network technologies, Knowledge of virtualization, Knowledge of unified communication, Knowledge of mobility, Experience with common security standards, Experience with risk frameworks, Knowledge of enterprise architecture, Knowledge of security architecture, Understanding of common commercial development technologies, Understanding of database technologies, Experience in developing security governance program, Experience in managing security governance program, Ability to operate independently, Ability to collaborate in teams, Written communication skills, Verbal communication skills

Nice to Have

Industry recognized security certifications, Legal industry knowledge, Legal industry awareness, Project management experience, Budget experience, Forecast experience

What You'll Do.

Lead global information security program

Develop forward-looking security strategy

Serve as trusted advisor

Establish security operating model

Manage information security budget

Plan program resources

Manage program roadmap

Design cybersecurity governance framework

Maintain cybersecurity governance framework

Develop security policies

Implement security policies

Maintain security policies

Develop security standards

Implement security standards

Maintain security standards

Develop security procedures

Implement security procedures

Maintain security procedures

Develop security guidelines

Implement security guidelines

Maintain security guidelines

Create risk-based control framework

Manage risk-based control framework

Support firm-wide risk assessments

Advise leaders on risk mitigation

Oversee incident identification

Oversee incident detection

Oversee incident response

Oversee incident management

Oversee incident recovery

Lead incident response plan development

Lead incident response plan maintenance

Lead incident response plan testing

Monitor external threat environment

Advise stakeholders on threats

Advise stakeholders on vulnerabilities

Advise stakeholders on mitigation actions

Ensure business-critical services resilience

Ensure services recoverability

Ensure security controls effectiveness

Embed security into projects

Embed security into system implementations

Embed security into operational processes

Embed security into technology change initiatives

Evaluate security technologies

Implement security technologies

Improve operational maturity

Establish baseline controls

Support asset inventories development

Support asset inventories maintenance

Partner with Procurement on contracts

Partner with General Counsel on contracts

Ensure security provisions in contracts

Ensure data protection in contracts

Support client security assessments

Support outside counsel guidelines

Support security due diligence requests

Define standards for client expectations

Maintain standards for client expectations

Define controls for client expectations

Maintain controls for client expectations

Define assurance practices for client expectations

Maintain assurance practices for client expectations

Build relationships with external peers

Build relationships with external partners

Build relationships with external vendors

Build relationships with industry groups

Lead security awareness program

Lead security training program

Establish security metrics

Establish security reporting

Measure program effectiveness

Identify security trends

Support decision-making

Recruit information security professionals

Develop information security professionals

Retain information security professionals

Foster accountability culture

Foster collaboration culture

Foster continuous improvement culture

How You'll Work.

Team & Collaboration

Partner with firm leadership; Partner with business services; Partner with technology teams; Partner with legal stakeholders; Partner with risk stakeholders; Collaborate in teams

Communication Scope

Written communication; Verbal communication

Process & Methodology

Program roadmap, Budget management

Free ATS check

Applying for this Director of IT Security & Risk Management role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

How to Apply on Workday

  • Workday has a multi-step form — save your progress after every section.
  • "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
  • Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
  • Job requisition numbers are useful when following up with HR by email.

ANONYMOUS · UNFILTERED

What do employees actually say about Dechert LLP?

Real rants from real employees. Read before you apply.

Read Company Rants →