Enterprise Security Compliance Lead

Latham & Watkins is a global law firm consistently ranked among the top firms in the world. The success of our firm is largely determined by our commitment to hire and develop the very best and brightest, creating a team that provides our clients with the highest quality of work and service. We are driven by our core values: respect, innovation, and collaboration.  

The Enterprise Security Compliance Lead is an integral part of Latham’s Global Security and Risk Management team. This role will be responsible for participating in the overall process related to client security audits, vendor security audits, and other security compliance activities (e.g., ISO 27001, penetration tests, other client responses, etc.), while completing assigned client security reviews from intake through closure by identifying all necessary internal stakeholders based on the request (e.g., security survey, audit, review, etc.), assembling relevant and appropriate documentation, and completing the appropriate forms and questionnaires required by Latham clients. This role will be located in our Los Angeles office. Please note that this role may be eligible for a flexible working schedule that allows for a hybrid and in-office presence. 

Other key responsibilities include:

• Assisting with the vendor security audit process for assigned vendors, including collecting and reviewing submitted materials, following up on outstanding items, and drafting summary reports
• Maintaining relationships with third-party audit services that audit firm vendors, audit the firm on behalf of clients, or otherwise evaluate the firm (e.g., ISO 27001 assessors, independent consultants)
• Acting as a project manager to ensure the success of ISO 27001, client and vendor audits, and other assessments by identifying internal stakeholders, scheduling and motivating team members to meet deadlines, assembling relevant documentation, completing necessary responses, and tracking follow-up actions
• Arranging penetration and vulnerability tests, scheduling these tests, following up on results, delivering the results of internal and external system vulnerability scans, and coordinating necessary internal follow-up to facilitate agreement and remediation of issues
• Organizing team work and reviews to ensure consistency and quality
• Creating reports and presentations for senior management
• Interfacing with staff throughout the firm to facilitate the efficient and secure use of Technology services 
• Preparing technical documentation and reports as required
• Protecting and maintaining any highly sensitive, confidential, privileged, financial, and/or proprietary information that Latham & Watkins retains 
  

We’d love to hear from you if you:

• Exhibit an understanding of business security practices and procedures
• Possess knowledge of information security technologies
• Demonstrate knowledge of a variety of communication protocols and encryption techniques/tools

And have:

• A bachelor's degree or equivalent; a minimum of five (5) years of Security and Technology experience may be considered in lieu of a degree
• A bachelor’s degree in Information Systems, Computer Science, Engineering, or related field, preferably
• Recognized security certifications preferred (e.g., CISM, CISA, CRISC, CDPSE, CISSP)
• A minimum of five (5) years of experience in IT audit or IT risk management
• A minimum of three (3) years of experience in performing security assessments, IT vendor risk assessments, and vulnerability management reviews
• A minimum of two (2) years of experience applying project management concepts

Successful candidates will not only be provided with an outstanding career opportunity and welcoming environment, but will also be provided with a generous total compensation package with bonuses awarded in recognition of both individual and firm performance. Eligible employees can participate in Latham’s comprehensive benefit program which includes:

• Healthcare, life and disability insurance
• A generous 401k plan
• At least 11 paid holidays per year, and a PTO program that accrues 23 days during the first year of employment and grows with tenure
• Well-being programs (e.g. mental health services, mindfulness and resiliency, medical resources, well-being events, and more)
• Professional development programs
• Employee discounts
• Affinity groups, networks, and coalitions for lawyers and staff

Latham & Watkins is an equal opportunity employer. The Firm prohibits discrimination against any employee or applicant for employment on the basis of race (including, but not limited to, hair texture and protective hairstyles), color, religion, sex, age, national origin, sexual orientation, gender identity, veteran status (including veterans of the Vietnam era), gender expression, marital status, or any other characteristic or condition protected by applicable statute.

Latham & Watkins LLP will consider qualified applicants with criminal histories in a manner consistent with the City of Los Angeles Fair Chance Initiative for Hiring Ordinance (FCIHO)​.  Please click the link below to review the Ordinance.

Please click here to review your rights under U.S. employment laws. #MidSenior #LI-JN1