Wilson Sonsini Goodrich & Rosati

Manager, IT Risk Operations

Wilson Sonsini Goodrich & Rosati$163K — $220K *
US-AnywhereRemote in Palo Alto, CA
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree preferred
  • 7+ years in IT risk, security compliance, technology audit, or IT governance
  • Experience in complex, regulated environments (e.g., law firms, financial services)
  • Proven leadership in reporting, analytics, and governance initiatives
  • Familiarity with ServiceNow and ITSM reporting
  • Experience with security tools like Microsoft 365 and email security
  • Knowledge of NIST Framework, ISO/IEC 27001, and SOC 2 standards

Responsibilities

  • Lead the development of executive-level IT risk reporting
  • Build and evolve KPI/KRI dashboards for risk visibility
  • Translate complex data into insights for decision-making
  • Ensure adherence to IT policies and leading frameworks
  • Own and evolve the firm's IT risk register and RCSA program
  • Identify emerging risks across IT, security, and operational processes
  • Oversee governance and reporting across the ITSM ecosystem

Benefits

  • 100% remote or hybrid working options
  • Discretionary year-end merit bonus based on performance
  • Highly competitive salary and benefits package
Full Job Description
Essential Duties and Responsibilities:

This high-impact position in the Governance, Risk & Compliance function sits at the center of the firm's technology, security, and operational ecosystem. Managing a small team, you will work closely with senior leaders across IT, Security Engineering, General Counsel, and firm leadership to shape how risk is understood, measured, and managed.

The role can be 100% remote or hybrid-in person if located near a physical office.

Strengthen IT Governance & Controls
  • Lead the development of executive-level reporting on IT risk, compliance posture, and operational performance
  • Build and evolve KPI/KRI dashboards that provide real-time visibility into risk trends and control effectiveness
  • Translate complex IT and security data into meaningful insights for decision making
  • Ensure adherence to IT policies, standards, and leading frameworks (e.g., NIST, ISO 27001)
  • Own and evolve the firm's IT risk register and Risk & Control Self-Assessment (RCSA) program
  • Identify emerging and systemic risks across IT, security, privacy, and operational processes


Incident Governance & Investigations
  • Partner with General Counsel, Security, and IT to lead internal investigations


Own ITSM Governance & ServiceNow Analytics
  • Oversee governance and reporting across the IT Service Management (ITSM) ecosystem
  • Analyze incident, change, and problem management data to identify trends and improvement opportunities
  • Drive workflow optimization and automation within ServiceNow


Vendor Risk Management
  • Review and advise on vendor agreements
  • Enhance vendor risk processes, including risk tiering, assessments, and monitoring
  • Identify opportunities to streamline processes, enhance reporting, and improve governance
  • Introduce data-driven approaches to risk management and operational oversight
  • Perform related duties as assigned or directed by supervisor
  • Maintain compliance with all firm policies and procedures


Education and/or Work Experience Requirements:
  • Bachelor's degree preferred
  • Seven years of experience in IT risk, security compliance, technology audit, or IT governance preferred
  • Experience operating in complex, regulated environments (e.g., law firms, financial services, consulting) preferred
  • Proven ability to lead reporting, analytics, and governance initiatives
  • Familiarity with ServiceNow and ITSM reporting including understanding of incident, change, and problem management lifecycles
  • Experience with security and collaboration platforms such as Microsoft 365, Purview and email security tools
  • Working knowledge of frameworks such as the NIST Cybersecurity Framework, ISO/IEC 27001 and SOC 2
  • Strong understanding of control design, risk registers, RCSA programs, and audit response
  • Basic understanding of privacy regulations
  • CISA, CISSP, CRISC, CTPRM and/or ITIL preferred
The primary location for this job posting is in Palo Alto, but other locations may be listed. The actual base pay offered will depend upon a variety of factors, including but not limited to the selected candidate's qualifications, years of relevant experience, level of education, professional certifications and licenses, and work location. The anticipated pay range for this position is as follows:

Palo Alto, New York, San Francisco: $163,200 - $220,800 per year.Austin, Boston, Boulder, Century City, Los Angeles, Salt Lake City, San Diego, Seattle: $147,050 - $198,950 per year.

The compensation for this position may include a discretionary year-end merit bonus based on performance. We offer a highly competitive salary and benefits package.

Benefits information can be found here.

About Wilson Sonsini Goodrich & Rosati

Wilson Sonsini Goodrich & Rosati (WSGR) is a law firm that specializes in technology, life sciences, and growth enterprises. The firm provides legal services in the areas of corporate law, litigation, intellectual property, and regulatory affairs. WSGR has offices in the United States, China, and Europe. The firm was founded in 1961 and is headquartered in Palo Alto, California.
Learn more about Wilson Sonsini Goodrich & Rosati
Size
1,000 employees
Industry
Founded
1961

Similar Jobs

More Jobs at Wilson Sonsini Goodrich & Rosati

More Information Technology Jobs

Find similar Manager, IT Risk Operations jobs: