Director, Cyber Security

Information TechnologyAll Practice AreasPittsburgh, PA

Job Description

At K&L Gates, we are looking for smart, imaginative and hard-working people with diverse backgrounds, experiences and ideas to join us.  Perhaps our search for talented visionaries and your search for important and impactful work lead to the same place.

We are seeking a Director, Cyber Security to join the Pittsburgh office. The Director of Cyber Security role is to provide vision and leadership for the development and support of the cybersecurity strategy and program at K&L Gates. The Director is responsible for the planning and implementation of defenses against vulnerabilities, the cybersecurity risk management program, overseeing threat intelligence, and managing security incidents to reduce impact and prevent breaches. Candidates must be self-starters who possess the ability to work independently and as part of a team. Excellent communication skills and a commitment to providing the highest quality client service are strongly preferred.


Strategy and Planning
•Develop and refine a world-class cyber security program that focuses on protecting K&L Gates resources and the firm.
•Lead the short, mid, and long-term strategic security planning to achieve business goals by prioritizing defense initiatives and coordinating the evaluation, deployment, and management of current and future security technologies.
•Develop and communicate security strategies and plans to the executive team, Partners, staff, customers and stakeholders.
•Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices. Keep documentation current in accordance with regulatory changes.
•Develop, track, and control the Cybersecurity services annual operating and capital budgets for purchasing, staffing, and operations.
•Interact with the Chief Information Officer (CIO) as a liaison for all cyber security related initiatives and planning.
Acquisition & Deployment
•Define and communicate firm plans, procedures, policies, and standards for the organization for acquiring, implementing, and operating new security systems, equipment, software, and other technologies.
•Assess and communicate any and all security risks associated with any and all purchases or practices performed by the company.
Operational Management
•Act as advocate and primary liaison for the firm’s security vision via regular written and in-person communications with the firm’s leadership, department heads, and end users.
•Work closely with the IT department on enterprise technology developments to fully secure information, computer, network, and processing systems.
•Oversee the standards for the administration of all computer security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software.
•Creatively and independently provide resolution to security problems in a cost-effective manner.
•Collaborate with IT leadership, General Counsel and Human Resources to establish and maintain a system for ensuring that security and privacy policies are met.
•Provides metrics and communications to the firm leadership team around information security related endeavors.
•Assists General Counsel in conducting internal and external security investigations.
•Where necessary, supervise recruitment, development, retention, and organization of cyber security staff in accordance with K&L Gates budgetary objectives and personnel policies.
•Promote strategic security relationships between internal resources and external entities, including government, vendors, and partner organizations.
•Remain informed on trends and issues in the security industry, including current and emerging technologies and prices. Advise, counsel, and educate leadership and management teams on cyber security related threats and risk to the organization, their relative importance, and financial impact.
•Lead the intelligence, forensic, monitoring and access management functions and resources.
•Support the Firm’s ISO 27001 and ISO 22301 programs and all governing bodies, including the Information Security and Business Continuity Management Systems (ISMS/BCMS) and Committee. Activities include attending meetings, reviewing, discussing, and enforcing policies, procedures, and standards.

Formal Education & Certification
•BA or BS in Computer Science, Management Information Systems, or related experience. Advanced degree desirable.
•Professional certification such as CISSP, CISM, CISA or other similar credentials is preferred.
Knowledge & Experience
•10 years’ experience managing and/or directing an IT and/or security operation.
•Experience with privacy and GDPR/CCPA.
•Proven experience in planning, organizing, and developing IT security technologies.
•Experience in planning and executing security policies and standards development.
•Excellent knowledge of technology environments, including information security, building security, and defense solutions.
•Extensive experience running large-scale information/cyber security programs in a dynamic, international environment.
•Experience with building vulnerability management programs and information security monitoring and detection programs.
•Considerable knowledge of business theory, business processes, management, budgeting, and business office operations.
•Substantial exposure to data processing, hardware platforms, enterprise software applications, and outsourced systems.
•Good understanding of computer systems characteristics, features, and integration capabilities.
•Experience with systems design and development from business requirements analysis through to day-to-day management.
•Excellent understanding of project management principles.
•Superior understanding of the organization’s goals and objectives.
•Demonstrated ability to apply IT in solving security problems.
•In-depth knowledge of applicable laws and regulations as they relate to security.
•Proven leadership ability.

Personal Attributes
•Ability to set and manage priorities judiciously.
•Excellent written and oral communication skills.
•Excellent interpersonal skills.
•Strong negotiating skills.
•Ability to present ideas in business-friendly and user-friendly language.
•Exceptionally self-motivated and directed.
•Keen attention to detail.
•Superior analytical, evaluative, and problem-solving abilities.
•Exceptional service orientation.
•Ability to motivate in a team-oriented, collaborative environment.



K&L Gates is a fully integrated global law firm with approximately 2,000 lawyers across five continents. We have experienced dramatic growth in the past decade and now rank among the largest U.S. based law firms in the world.  We take pride in constantly striving for innovation, imagination and an entrepreneurial spirit. We come up with big ideas and then roll up our sleeves to get the job done, guiding our clients through their most complex issues in a variety of industry sectors and across multiple regions of the world.

The industry recognition the firm has garnered in the past five years emanates from the foundation of a global community aligned on behalf of our clients. The people at K&L Gates are committed to working together to create a legacy for each other, the firm, our clients, and the communities in which we serve. We thrive in an inclusive and socially conscious environment that embraces diversity and takes a holistic approach to the career evolution of all our professionals.

To learn what makes us different from other law firms, including our collaborative approach, entrepreneurial spirit, and our commitment to diversity, check out our video, “Grow Your Career at K&L Gates.”

If you agree that we are different from other law firms - and the right place for you to grow your career - please apply for this position.  For more information or to view other job opportunities, please click here to go back to our careers page.

Notice: We participate in E-Verify in certain Firm locations for purposes of verifying employment eligibility.


We offer a dynamic work environment and excellent benefits.


The Firm is an equal opportunity employer. It is the policy of the Firm that employment decisions shall be based on merit, qualifications and competence. Employment practices shall not be influenced or affected by virtue of a person’s race, color, religion, sex, national origin, age, sexual orientation, gender identity or expression, marital status, disability, military status or any other characteristic protected by applicable law. This policy governs all aspects of employment including, without limitation, recruiting, hiring, compensation, benefits, promotion, assignment and dismissal. In addition, it is the Firm’s policy to provide an environment that is free of unlawful harassment of any kind including, without limitation, that which is sexual, racial, age-related, disability-related or ethnic background-related.