Director of Technology - Cybersecurity & IT Strategy

We are currently partnering with a well-established and growing Ontario law firm to recruit a Director of Technology. This organization has scaled significantly in recent years and is continuing to grow. The firm operates on a fully remote model with a collaborative and approachable culture.

Overview

This is a hands-on leadership role with direct access to firm leadership and broad ownership of the technology function. The Director of Technology will take full ownership of IT operations, cybersecurity, and technology strategy for a remote-first legal organization. This individual will establish proper governance and security frameworks, manage vendor and licensing relationships, and develop a technology roadmap aligned with the firm's growth plans.

Key Responsibilities

• Oversee all IT operations, infrastructure, and end-user support across a fully remote workforce
• Audit and rationalize the technology stack, including hardware, software licensing, SaaS spend, and vendor relationships
• Establish IT governance, policies, and procedures appropriate for a regulated legal environment
• Design and implement a cybersecurity and data protection strategy aligned with PIPEDA, applicable provincial privacy laws, and Law Society of Ontario guidance

Interested in remote work opportunities in IT & Network Engineering? Discover IT & Network Engineering Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.

• Oversee identity and access management, endpoint security, data encryption, and secure remote access
• Lead incident detection and response, including breach reporting obligations
• Conduct regular risk assessments, audits, and vulnerability scans, and deliver firm-wide security awareness training
• Oversee core legal technology platforms including practice management, document management, billing, and secure client communication tools
• Implement records management and data retention policies aligned with legal and regulatory obligations
• Develop and execute the firm's strategy for AI and automation adoption, and establish acceptable-use policies governing AI in a client-confidentiality environment
• Lead IT due diligence and post-merger technology integration as the firm grows
• Build and manage a small internal IT team over time
• Develop and maintain a technology roadmap and advise firm leadership on IT risks and emerging technologies

Qualifications

• 8–12+ years of progressive IT experience, including leadership roles
• Background in a law firm or professional services firm of 20–300 people in size
• Current or prior title of Manager, Senior Manager, or Director of IT — someone who has operated across multiple areas of IT, not a specialist from a large firm
• Strong expertise in cybersecurity, privacy, and risk management, with demonstrated experience implementing PIPEDA-aligned controls
• Hands-on experience with Microsoft 365, cloud platforms (Azure preferred), and modern security tooling
• Experience managing vendors, procurement, and IT budgets
• Strong communication skills with the ability to advise non-technical stakeholders
• Experience in a law firm or legal services environment is preferred; professional services firms of comparable size will also be considered
• Familiarity with Law Society of Ontario requirements related to technology competence and confidentiality is an asset
• Experience deploying or governing AI tools in a regulated setting is an asset
• Post-merger IT integration experience is an asset
• Relevant certifications (CISSP, CISM, CIPM, ITIL, Azure Security) and knowledge of frameworks such as NIST, ISO 27001, or CIS Controls are considered assets