Information Security Manager (Remote from Texas)

The Information Security Manager will lead the development and execution of a comprehensive cybersecurity program, ensuring the confidentiality, integrity, and availability of organizational and client information. This role combines strategic oversight with hands-on technical leadership, guiding security initiatives, incident response, risk management, and compliance with industry standards. Working closely with IT, legal, and operational teams, the manager will implement robust security frameworks, mentor security staff, and provide expert guidance to senior leadership. The position offers a dynamic environment where innovation, proactive problem-solving, and adherence to evolving security standards are essential. You will play a key role in strengthening organizational resilience, supporting business objectives, and protecting sensitive information across diverse platforms and environments.

Accountabilities:

• Develop, implement, and maintain the organization’s information security policies, standards, and procedures.
• Establish and oversee a comprehensive information security program aligned with strategic goals and compliance obligations.
• Conduct risk assessments, vulnerability testing, and penetration assessments, and manage mitigation strategies.
• Lead incident response activities, including investigation, remediation, and reporting.
• Maintain compliance with regulatory frameworks such as NIST, ISO 27001, HIPAA, and client-specific requirements.
• Oversee security tools and technologies, including firewalls, SIEM, endpoint protection, IAM systems, and cloud security solutions.
• Provide security awareness training and guidance to staff and attorneys.
• Collaborate with IT, Legal, and Compliance teams on vendor management, cloud integration, and operational security.
• Mentor and manage security staff to ensure professional development and effective team performance.

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field; advanced degrees preferred.
• CISSP, CISM, CISA, GIAC, CompTIA Security+, GISO, or equivalent certifications are a plus.
• 7–10 years of progressive IT and information security experience, including at least 3 years in a leadership role.
• Expertise with security frameworks such as NIST, ISO 27001, and HIPAA.
• Knowledge of law firm or professional services technology environments, including document management, practice management, cloud platforms, and eDiscovery systems.
• Proven experience in incident response, risk management, and regulatory compliance.
• Strong communication and interpersonal skills to convey complex security concepts to senior leadership and non-technical stakeholders.
• Exceptional critical thinking, problem-solving, and project management skills.
• Self-motivated with the ability to work independently and collaboratively.

• Competitive salary within the $160,000–$175,000 range, plus discretionary bonus eligibility.
• Comprehensive medical, dental, and vision insurance options.
• Firm-paid life, accident, short- and long-term disability coverage.
• 401(k) Profit Sharing Plan and Cash Balance Retirement Plan with employer contributions.
• Generous paid time off including vacation, personal days, holidays, and sick leave.
• Employee Assistance Program (EAP) and wellness benefits, including gym reimbursement.
• Student loan refinancing discounts.
• Hybrid work schedule with partial in-office attendance.