Enterprise Security Compliance Manager
About Latham & Watkins
Latham & Watkins is one of the world’s leading global law firms advising the businesses and institutions that drive the global economy. We are the market leaders in major financial and business centers around the world. Our investment in people, commitment to innovation, and focus on the future empower you to build an incredible career and thrive as an exceptional professional in a supportive culture. If you aspire to be the best, and work with the best, this is where you belong.
About the Role
The Enterprise Security Compliance Manager is an integral part of Latham’s Global Security and Risk Management team. This role will be responsible for managing the firm’s security compliance activities, while leading responses to client security questionnaires, assessments, and RFP requests by coordinating with stakeholders, preparing documentation, drafting responses, validating control operation, confidently explaining system architecture and security mechanisms to assessors, and tracking follow-up actions. This role will be located in our Global Services Office located in downtown Los Angeles. Please note that this role may be eligible for a flexible working schedule that allows for a hybrid and in-office presence.
Responsibilities & Qualifications
Other key responsibilities include:
- Contributing to the maturation and scalability of the compliance program by helping standardize control design, documentation, evidence collection, and operating procedures to continually improve audit efficiency, consistency, and repeatability
- Leading the operation of the compliance governance processes, including control ownership, compliance monitoring, issue tracking, and exception management, to help maintain sustained audit readiness and control effectiveness
- Identifying opportunities to mature the compliance program through automation, continuous monitoring, improved evidence practices, and more scalable audit readiness processes
- Leading the certification program for ISO 27001, end-to-end from scoping through audit closure
- Arranging penetration and vulnerability testing by identifying and negotiating with vendors and scheduling testing, then following up on results delivered
- Protecting and maintaining any highly sensitive, confidential, privileged, financial, and/or proprietary information that Latham & Watkins retains
We’d love to hear from you if you:
- Exhibit the ability to communicate effectively and collaboratively with clients, vendors, and colleagues at all organizational levels
- Demonstrate experience managing client security due diligence activities and responding to security questionnaires and related inquiries
- Possess the ability to communicate technical concepts effectively, both verbally and in writing, and translate technical risks into business-focused language for non-technical audiences
And have:
- A bachelor’s degree or Diploma of Higher Education or have sufficient security and technology experience, preferably a bachelor’s degree in Information Systems, Computer Science, Engineering, or related field
- Relevant security and audit certifications (e.g., CISA, CISSP, CISM), preferably
- A minimum of ten (10) years of experience in a combination of GRC, technology risk, compliance, audit/cybersecurity assurance, security governance, and/or operational resilience experience, and a minimum of two (2) years of experience in a leadership role
- A minimum of two (2) years of experience applying project management concepts
- Experience working in a law practice office, preferably
Benefits & Additional Information
Successful candidates will not only be provided with an outstanding career opportunity and welcoming environment, but will also be provided with a generous total compensation package with bonuses awarded in recognition of both individual and firm performance. Eligible employees can participate in Latham’s comprehensive benefit program which includes:
- Healthcare, life and disability insurance
- A generous 401k plan
- At least 11 paid holidays per year, and a PTO program that accrues 23 days during the first year of employment and grows with tenure
- Well-being programs (e.g. mental health services, mindfulness and resiliency, medical resources, well-being events, and more)
- Professional development programs
- Employee discounts
- Affinity groups, networks, and coalitions for lawyers and staff
Latham & Watkins is an equal opportunity employer. The Firm prohibits discrimination against any employee or applicant for employment on the basis of race (including, but not limited to, hair texture and protective hairstyles), color, religion, sex, age, national origin, sexual orientation, gender identity, veteran status (including veterans of the Vietnam era), gender expression, marital status, or any other characteristic or condition protected by applicable statute.
Latham & Watkins LLP will consider qualified applicants with criminal histories in a manner consistent with the City of Los Angeles Fair Chance Initiative for Hiring Ordinance (FCIHO). Please click the link below to review the Ordinance.
Please click here to review your rights under U.S. employment laws.
#MidSenior
#LI-BW1