Director Information Security
The Director, Information Security will be responsible to lead a team of internal and external Information Security professionals who are responsible for maintaining the confidentiality, integrity and the availability of Legal Zoom's infrastructure. This role requires the ability to balance between people management, leadership, and technical responsibilities. This position will collaborate with senior technology, production operations, as well as other infrastructure and engineering directors.
This role will be responsible for leading a staff of dedicated and virtual employees, and selected vendor partner. This position is responsible for drive the future of our, information security safeguards, and provide value to our customers and our brand by ensuring that all personal and sensitive/proprietary data is completely safe and protected.
The Director of Information Security will be responsible for being the Subject Matter Expert for Information Security within the technology organization – providing security input on all project and operational activities. The position will provide leadership for security related incidents & investigations, security reviews, compliance assessments and audits.
What you'll do:
- Perform assessments of all Legal Zoom technology platforms to ensure all risks are identified, and an appropriate mitigation strategy or plan is recommended and prioritized.
- Develop security solutions that are consistent with Legal Zoom's business and budget requirements.
- Develop and lead a process to monitor and track the status of mitigating all Legal Zoom security risks to provide periodic reports on progress and completion.
- Provide security leadership as required to address issues related to malware security, vulnerabilities, and best-practices for cyber & information security matters.
- Direct the investigation of suspected network intrusions and other possible cyber security breaches to report on the cause and extent of the breach and ensure that timely and appropriate action is taken to mitigate the risk and track completion.
- Lead the development and implementation of security-related policies, products, processes, and operating practices to prevent, detect, and mitigate material risks.
- Champion continuous improvement and optimization of Legal Zoom's information security platforms and processes to minimize both cost and risk.
- Review all Legal Zoom technology solution designs to ensure they are consistent with our Information Security requirements and policies – providing a gap analysis and recommendations for mitigation.
- Direct PCI compliance assessments and remediation activities to ensure we are always in continuous compliance.
- Provide periodic reports on security related metrics.
- Develop and maintain an Information Security roadmap to effectively manage and communicate the vision and priorities of Legal Zoom's security strategy.
- Manage relationships with third party providers of security related services to Legal Zoom – to include: vendor selection, contract negotiation, and managing the delivery of services through SLAs consistent with our business requirements.
- Develop and deploy an information security awareness for all Legal Zoom employees, and provide recommendations for specific security training and educational programs for Subject Matter Experts (Engineering, DC Ops, End User Support, NOC, Contact Center, etc.).
- Maintain current knowledge of the most common Cyber threat actors, attack methodologies, and mitigation/remediation methods to minimize risk.
- Maintain thorough understanding of Legal Zoom's technology stack and business requirements to ensure that our Information Security strategy is effectively aligned.
- Bachelor's Degree in Computer Science or related field required (Master's Degree desirable)
- 10+ years in a leadership role including experience leading a team of Information Security professionals.
- Certifications a plus CEH, CompTIA Security +, SANS GIAC, CISSP.
- Significant understanding of IT Infrastructure technologies including network, server (Windows & Mac), end-point, mobile, web, CDN, IPS/IDS, WAF, Active Directory, encryption, Layer 7 Firewalls, access controls, & identity management.
- Deep understanding security issues in infrastructure and software technologies.
- A global perspective on privacy, security, and data protection issues and trends.
- Strong sense of self-motivation, organization and attention to detail
- Strong analytical skills
- Strong written and oral communication skills
- Demonstrated success in building and maintaining relationships with key technology vendors and internal stakeholders
- Experience working in a high demanding and fast paced environment
- Ability to successfully manage multiple complex projects simultaneously
LegalZoom is an Equal Opportunity Employer, dedicated to diversity.
Meet Some of LegalZoom's Employees
Customer Care Manager
Hae manages the overall operations of the Customer Care Team by supporting employees and reviewing call center metrics to ensure customers get fast, consistent service.
Back to top