Senior Information Security Engineer

Dallas, TX

Jackson Walker

Jackson Walker continues to advance the world of business, with more than 500 attorneys serving clients around the world from our six Texas-based offices.

Please note that Jackson Walker is not currently accepting search firm submissions in connection with this opening.

FLSA Status: Exempt

Department: IT

Reports to: Director of Information Security

POSITION SUMMARY

The Senior Information Security Engineer is responsible for maintaining the security and integrity of the Firm’s data, hardware, software and people. Their primary responsibility is to manage the information security systems and processes of the Firm and respond to any alerts and warnings generated by those systems, including: verifying and responding to incidents, containing and remediating confirmed incidents, and recovery following an incident. The Senior Security Engineer will work with the Director of Information Security as well as the various IT teams in communicating and remediating flaws in security systems.

SPECIFIC DUTIES

  • Manage and enhance Jackson Walker’s Information Security infrastructure and critical security operational processes including:
      • Microsoft M365/Azure security tools/processes including:
          • Defender for O365
          • Defender for Identity
          • Defender for Cloud
          • Sentinel (SIEM) and KQL queries
          • Conditional Access Policies
      • Palo Alto Networks Next-Gen Firewalls and GlobalProtect VPN

  • Monitor Jackson Walker’s computing environment by performing security event analysis to detect activities including but not limited to: policy violations, abnormal behaviors, network intrusions, best practice recommendations, etc.
  • Assist in execution and fulfillment of Jackson Walker vulnerability management and penetration testing processes and assessments.
  • Participate in security audits, client risk assessments, risk analyses and security reviews.
  • Take quick corrective actions on identified threats, identify root causes, and put measures in place to prevent repeat occurrences.
  • Craft, revise and document Information Security standards, procedures, security checklists, operational playbooks, cyber newsletters, etc.
  • Work with vendors, partners and consultants to identify security technology advancements and help determine the viability of those advancements to the Firm.
  • Evaluates and recommends new security technologies, processes, and procedures for applicability to the Firm’s security business needs.
  • Provides advice, documentation and training to Firm personnel on information security technologies.
  • Leads the Firm’s patching process to ensure that the Firm maintains the most up-to-date operating system development activities including webinars, seminars, conferences and formal training classes.
  • Assist with Firm’s disaster recovery and business continuity planning and testing activities.
  • Other duties assigned by the employer.

QUALIFICATIONS

  • Familiarity with security controls in a Microsoft Azure cloud environment.
  • SIEM experience, including monitoring, threat hunting, and creating correlation rules and alerts.
  • Understanding of network protocols, creating firewall rules and IDS/IPS signatures.
  • Experience performing vulnerability scanning, interpreting results and remediating findings.
  • Experience hardening Windows, Mac, and Linux Operating Systems (both clients and servers).
  • Preferred: Knowledge of information security standards/frameworks (e.g., NIST, ISO-27001, CIS Critical Controls)
  • Preferred: Familiarity with Microsoft Endpoint Configuration Manager or similar
  • Preferred: Familiarity with security controls in a cloud environment (preferably Microsoft Azure)
  • Must be a creative problem solver, flexible, proactive, and able to work in a fast-paced, ever-changing environment.
  • Strong oral and written communication skills required, including the ability to tailor communication to various audiences.
  • Interpersonal skills necessary to communicate effectively in person, by email and telephone to provide information to clients, attorneys and staff with courtesy and tact.

Education:

  • Bachelor’s degree from an accredited college or university preferred.
  • Substantial work experience will be considered in lieu of a degree.
  • At least one (1) industry-recognized security certification(s): CISSP, GSEC, CEH, GCIH, CySA+, Security+, etc.

Years of Experience:

  • Should have at least 3 years of experience in a general IT related role.
  • Must have at least 3 to 5 years of progressive experience in an information security role.

Physical Requirements:

  • Sighted.
  • Must be able to lift PC equipment, printers, and other hardware up to 50 pounds.

Working Conditions:

  • Normal office environment with little exposure to excessive noise and temperature.
  • Will occasionally be required to work more than 40 hours a week.
  • Must carry a Firm mobile communications device and be available after normal working hours.
  • Occasional travel to other Firm locations and/or remote training facilities.

The above is intended to describe the general content of and requirements for the performance of this job. It is not to be construed as an exhaustive statement of essential functions, responsibilities, or requirements.

We are proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, veteran status, sexual orientation, gender identity, marital status, pregnancy, genetic information, or any other characteristic protected by law and will not be discriminated against on the basis of disability. It is our intention that all qualified applicants are given equal opportunity and that employment decisions be based on job-related factors.

Tags: Audits Azure CEH CISSP Cloud Firewalls GCIH GSEC IDS IPS Linux Monitoring NIST Pentesting Risk assessment Sentinel SIEM VPN Vulnerability management Windows

Perks/benefits: Conferences Flex hours

Region: North America
Country: United States
