Job Summary

Director of Information Security Governance & Compliance - Washington, D.C.

  • Location:
    Washington, District of Columbia
  • Salary:
  • Job reference:
  • Category:
  • Contract Type:
    Direct Hire

Director of Information Security Governance & Compliance
Washington, D.C.

Salary up to $130,000
Excellent culture and benefits package
*This position is not available to individuals requiring sponsorship*
The Director will have overall responsibility for a comprehensive security program that includes information security policies, compliance and governance with the expanded scope to include internal employees, external clients and company-sponsored audits of third-party suppliers and vendors. This position will be responsible for developing long-term security strategies and ensuring the company meets all security standards, regulatory expectations, and the coordination of responses to client audit requests and questionnaires. In addition, this position will provide security-related vision, leadership, and strategy required to succeed with the ever changing market conditions.  This position reports to the Chief Information Officer.

  • Provide leadership for the integration of security as a key component of the company’s culture.
  • Responsible for the planning and development of an enterprise information security strategy and best practices in support of the company’s information security architecture.
  • Develop test plans for all phases of unit testing, acceptance testing and acceptance testing and implementation of projects related to information security.
  • Collaborate with key business and Technology leaders to develop security and business continuance standards and action plans.
  • Direct the creation of compliance procedures and documentation for internal information security procedures.
  • Provide oversight of the process to collect and provide evidence for client and company questionnaire, audit, and incident investigations.
  • Understand and anticipate security trends internal and external to the company and keep the company's senior management informed about information security-related issues and activities affecting the company.
  • Proactively communicate to the internal user community to consistently exceed defined levels of security needs.
  • Communicate key information security strategies and processes to increase productivity and/or to reduce risk.
  • Provide leadership for defensive technology and processes that include intrusion detection, proactive hunting and analytics, incident handling, vulnerability assessments, and remediation.
  • Oversee incident response planning as well as the investigation of security breaches, and assist with disciplinary and legal matters associated with such breaches as necessary.
  • Responsible for ensuring that tools or technologies are implemented to reduce the risk of disruptive  attacks against systems or threats to confidentiality.
  • Manage the development, implementation, and regular review of the company's cyber security policies, standards, guidelines and procedures to ensure ongoing maintenance of security.
  • Develop, deliver and maintain an education and security awareness program on information security and privacy matters for employees.
  • Understand and assess potential threats, vulnerabilities and control techniques and advises the company.


  • 10+ years of progressive experience in computing and information security, including experience with internet technology and security issues within the legal services marketplace.
  • 4+ years as an Information Security Officer or a comparable scope information security role in a medium to large organization.
  • Four-year college degree preferred in Computer Science, Information Management, comparable experience considered.
  • Ability to empower and lead a team to meet business and IT security goals.
  • Demonstrated people management skills providing direction, change leadership, monitoring performance, motivating staff and building a positive working environment.
  • Ability to adapt to a fast-moving IT landscape and keep pace with latest thinking and newest security technologies.
  • Desire to drive the IT security strategy forward.
  • Strong analytical thinker capable of managing numerous information sources and providing data analysis reports to senior management.
  • Ability to manage several concurrent projects and prioritize demands.
  • Experience maintaining and updating policies and procedures.
  • Demonstrated experience handling sensitive or confidential information.
  • Prior experience in legal information technology or information security preferred.
  • Possession of, or working toward professional certifications such as GIAC credentials, CISM, or CISSP.


Apply Below


Note: Required fields marked with an asterisk (*).


Primary Number
[Ctrl (Cmd Mac) + Click] to select multiple industries
Upload your resume
Terms of Use


Upload your resume using

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Equal employment opportunity information:
EEO is the Law (poster) | EEO is the Law (poster supplement) | Reaffirmation of Affirmative Action Policy Statement