Gibson Dunn is a leading global law firm, advising clients on significant transactions and disputes. Our exceptional teams craft and deploy creative legal strategies that are meticulously tailored to every matter, however complex or high-stakes. The firm’s work is distinguished by a unique combination of precision and vision.

Gibson Dunn is looking for a Chief Information Security Officer. The CISO will lead Gibson Dunn’s cybersecurity team tasked with protecting the digital assets and data of a global law firm with twenty offices in eight countries serving the world’s most sophisticated organizations. The CISO will be responsible for three key areas to ensure a secure yet operationally efficient environment for our world-class team: (i) cybersecurity governance and risk management; (ii) cybersecurity program management; and (iii) incident response and coordination. The CISO is responsible for oversight of people, processes, technology, and governance of the cybersecurity program.

The Chief Information Security Officer (CISO) is a senior member of the Firm’s leadership team with a critical role in ensuring the security and operational excellence of Gibson Dunn, a leading global law firm with twenty offices across the United States, Europe, the Middle East, and Asia. The CISO manages and directs all aspects of Gibson Dunn’s cybersecurity strategy and program, ensuring the security and secure integration of technical applications as well as the confidentiality, availability, and integrity of Firm data and client data entrusted to the Firm. The CISO is responsible for developing, implementing, and maintaining reasonable risk-based administrative, technical, and physical safeguards across a global infrastructure, inclusive of vendor management. The CISO is a core member of the Firm’s incident response team, and plays a leading role in ensuring preparedness and world-class response to security events.

A collaborative team player and thought partner, the CISO works closely and constructively with other senior leaders, colleagues, clients, and vendors. The CISO oversees and coordinates security efforts across the Firm, including close coordination with information technology, legal, human resources, communications and marketing, facilities management, and other internal teams to identify, prioritize, and implement security initiatives and standards.

A senior executive, the CISO demonstrates exceptional technical expertise and knowledge of relevant industry standards and certifications, as well as strong understanding of relevant legal requirements and their application, exceptional judgment, and the executive leadership skills to develop, implement, maintain, and adapt a comprehensive cybersecurity program to ensure the security of the Firm in a complex and evolving threat landscape.

This position is open to all U.S. office locations of Gibson Dunn.

Responsibilities include:

Cybersecurity Governance and Risk Management

• Develop and implement the Firm’s comprehensive cybersecurity strategy, reflecting the Firm’s operational drivers and desired business outcomes, risk tolerance, and evolving risks, threats, and vulnerabilities.
• Develop senior leader awareness and buy-in of cybersecurity program and initiatives, including reporting to leadership on cyber initiatives and strategy, program assessments, changes to risk profiles, and specific events.
• Build cybersecurity team and define program governance, including defining roles and responsibilities.
• Establish, with senior leaders, cyber risk thresholds and risk management approach.
• Build and implement cyber risk quantification and risk prioritization of initiatives.
• Develop protocols to periodically review the appropriateness of the cybersecurity program, inclusive of administrative and technical controls and processes, with such review to include risk assessments, industry standard compliance reviews, and periodic, risk-based penetration testing.
• Develop vendor cybersecurity risk management program.
• Coordinate with senior leadership to ensure adequate resourcing of cybersecurity program.

Cybersecurity Program Management

• Oversee people, processes, and technology at all levels of the cybersecurity program to enable global operations.
• Develop and maintain all relevant information security policies and procedures, including for network infrastructure, specific applications, and services.
• Develop and maintain designated risk-based cyber safeguards, including access controls, MFA, encryption, asset classification, change management, patch management, network segmentation, firewalls, detection technologies including network and endpoint security, insider threat protection, logging and network monitoring, and vulnerability management.
• Develop secure lifecycle processes and operations, reflecting risk, threat, and vulnerability identification.
• Ensure continuous monitoring of the threat landscape and modify security technologies and procedures as appropriate.
• Manage cybersecurity audits, inclusive of client security audits and RFPs.
• Oversee development and implementation of role-based cybersecurity awareness programs and trainings.
• Collaborate closely with OGC to ensure cybersecurity program meets all legal and contractual requirements.
• Manage, in close collaboration with IT team, all aspects of security for technology initiatives.
• Conduct regular internal and coordinate external security assessment, penetration tests, and red/purple team exercises to proactively test the effectiveness of security controls.
• Coordinate with compliance on remediation and program management.
• Assist in the design and implementation of disaster recovery procedures, integration points with business continuity and managing the rollout of IT-enabled recovery and continuity procedures.

Incident Response and Coordination

• Maintain Firm Incident Response Plan, including incident escalation framework and key incident-specific playbooks (e.g., ransomware), and serve as lead cybersecurity representative in incident response.
• Ensure appropriate tactical incident response protocols and processes to detect, respond, and remediate cybersecurity events.
• Oversee investigation capability, to include leveraging internal and external forensics and evidence collection and preservation, under the supervision of the OGC, as appropriate.
• Maintain Firm Business Continuity and Disaster Recovery (BC/DR) Response Plan, and serve as lead member of disaster recovery team.
• Conduct tabletop exercises to build response capability at all levels (e.g., tactical security response through strategic leadership response).
• Lead after-action reviews and identify and implement lessons learned to drive security improvements.