Role Overview: The Senior Security Engineer is a critical technical role responsible for managing cyber security measures, responding to incidents, and playing a vital role in the organization's administration, development, auditing, and documentation of IT Security systems.
Collaborations: The Senior Security Engineer will work closely with the InfoSec team and the Enterprise Architecture and Service Delivery (EA&SD) team and contribute to enhancing the organization's internal and Cloud security framework. This role involves participation in Incident Response, Business Continuity and Disaster Recovery planning, vulnerability assessments, and ensuring compliance with the organization's data security policy, ISO 27001:2022, ISO 27017:2015, ISO 22301 standards, and client audit requirements.
Experience at a law firm is preferred.
Locations: Nashville, Chicago, or New York City
Responsibilities:
- Implement and configure security systems under the CISO's guidance while supporting the security infrastructure for various platforms and applications.
- Provide 24/7 support for security incidents, ensuring immediate escalation and remediation.
- Mentor junior staff in the utilization of security tools, report generation, and issue resolution, and facilitate cross-training within the team.
- Document and escalate unresolved network security issues.
- Create and maintain comprehensive documentation for security processes and systems.
- Demonstrate in-depth knowledge of on-premises and Cloud environments, particularly Azure/AWS/MS E5 platforms.
- Enhance visibility and detective capability in a fully managed Azure/AWS environment.
- Conduct penetration testing and report security gaps with remediations.
- Support the design, development, implementation, and troubleshooting of various information systems and cyber security software.
- Automate security testing and auditing to prevent regressions and catch issues before they reach production.
- Provide security expertise on system, network, encryption, authentication, and governance.
- Gather reports, metrics, and key performance indicators to measure and validate the effectiveness of existing security controls for team review.
- Participate in and develop material to raise security awareness across the organization.
Identity Management & Policy Control:
- Manage Active Directory, Privileged Identity Management, Local Administrator Password Solution, and related privilege management technologies.
- Collaborate with leadership to drive the Zero Trust security model and CIS hardening standards.
Business Continuity & Disaster Recovery:
- Lead the Business Continuity and Disaster Recovery efforts, working closely with the CIO, CISO, and Director of EA&SD to test and refine BC/DR strategies.
Event & SIEM Management:
- Respond to security incidents, monitor system logs and network traffic, and investigate security breaches to enhance security protocols.
Service Delivery Platform Protection:
- Participate in Service Delivery projects to develop and implement security measures and partner with third-party services for firewall reviews and security software testing.
Risk, Control, Threat & Vulnerability Management:
- Support the Governance, Risk, and Compliance Manager in audit preparations and vulnerability management, including leading penetration tests and managing endpoint security.
Incident Response:
- Remain on-call for security incidents, collaborating with vendors and the Service Delivery team to mitigate threats.
Security Assessment & Engineering:
- Proactively test security controls to identify vulnerabilities that could be exploited by malicious actors and provide remediation efforts to close security gaps.
- Maintain operational efficiency and a healthy state of all endpoint security agents.
- Maintain security architecture diagrams and participate in cyber security initiatives and working groups.
Qualifications:
- Bachelor's degree in Computer Science or related field, or at least 5 years of relevant experience.
- Minimum of five years in a System Security Engineer role or similar.
- Demonstrated ability to develop and manage security systems.
- Expertise in Azure, AWS, Microsoft E5, Sentinel, Defender for Endpoint, and other security technologies.
- Proficiency in network security and monitoring.
- Recognized security certifications (CISSP, CISM, CISA, GIAC, CCSP, OSCP, CEH, etc.).
- Skilled in automation scripting with Python, Bash, & PowerShell.
- Experience in designing security architecture for various deployment models.
- Knowledgeable in enterprise security solutions and security protocols.
- Experience with regulatory compliance and information security management frameworks (NIST, ISO 27001, PCI DSS, GDPR, HIPAA, etc.).
- Familiarity with security frameworks like MITRE ATT&CK and CIS 20.
- Experience with DevOps and CI/CD pipeline security aspects, including container orchestration security.
- Knowledge of data privacy practices and laws.