Information Security Director – ISD

Redgrave LLP

51 - 200 employees

Founded 2010

🤝 B2B

📋 Compliance

🔒 Cybersecurity

Redgrave LLP is a law firm specializing in Information Law, focusing on the legal and technical challenges at the intersection of law and technology. The firm advises corporate clients on eDiscovery, information governance, AI governance, data privacy, cybersecurity, litigation and investigations, and related compliance matters, and provides hands-on services such as discovery counsel, review and analytics, and guidance on cloud migrations and defensible disposition. Redgrave emphasizes multidisciplinary teams, industry-leading experience, and thought leadership to help organizations identify, mitigate, and manage information-related legal risks.

📋 Description

• Define and execute a Firm-wide cybersecurity strategy aligned with NIST CSF, NIST AI RMF 1.0, ISO 27001, and SOC 2 frameworks
• Own and continuously mature the Firm's Information Security Management System (ISMS)
• Lead ISO 27001 gap analysis and establish a roadmap toward certification
• Develop, maintain, and enforce security policies, standards, procedures, and governance structures
• Define and track key risk indicators (KRIs), metrics, and reporting frameworks
• Serve as the Firm's executive owner of AI security and governance
• Design and implement a scalable AI governance framework, including acceptable use standards, risk-tiering criteria, and data handling controls
• Own the Firm's vendor risk management program, including intake, risk-tiering, assessment, and continuous monitoring
• Own the Firm's SOC 2 Type II program, including control maintenance, evidence collection, and auditor engagement
• Provide executive oversight of security architecture across Microsoft 365 and Azure

🎯 Requirements

• 10+ years of progressive experience in information security, including leadership and program ownership roles
• CISSP (required); CISM or equivalent considered
• Demonstrated experience leading or scaling a security program; law firm or professional services preferred
• Strong experience with cloud security, vendor risk, and compliance frameworks
• Experience with SOC 2 programs and enterprise security tooling in Microsoft environments

🏖️ Benefits

• medical, dental, and vision coverage
• 401(k) plan
• additional benefits to help you prepare for retirement
• free access to Employee Assistance Programs
• other programs designed to help you and your family stay healthy, feel secure, and enjoy a positive work/life balance
