Senior IT Security Engineer- Hybrid
Arlington, Virginia
Onsite
Full Time
$125k - $140k
Senior IT Security Engineer
The Senior IT Security Engineer is part of a team of engineers who architect, design, build, maintain, and support the Firm’s portfolio of security technologies and solutions, inclusive of Perimeter Defense, Monitoring & Logging, and Identity, Access, and Authorization Management. This role leads the lifecycle management of the Perimeter Defense portfolio, with focus on VPN / Firewall and networking security solutions.
The candidate will need to come on site to their D.C. Office once a week, so the candidate must be local to the D.C. area.
What You Will Be Doing:
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship
The Senior IT Security Engineer is part of a team of engineers who architect, design, build, maintain, and support the Firm’s portfolio of security technologies and solutions, inclusive of Perimeter Defense, Monitoring & Logging, and Identity, Access, and Authorization Management. This role leads the lifecycle management of the Perimeter Defense portfolio, with focus on VPN / Firewall and networking security solutions.
The candidate will need to come on site to their D.C. Office once a week, so the candidate must be local to the D.C. area.
What You Will Be Doing:
- Owns the lifecycle management of the Firm’s Perimeter Defense solutions portfolio to protect the Firm’s technology estate, including but not limited to VPN / Firewall and networking security.
- Partners closely with the Firm’s Cyber organization and other IT Security Solutions engineers to establish common standards and objectives for the Firm’s security solutions, supports broader IT Security functional objectives as needed.
- Leads maintenance for ongoing patches, updates, fixes.
- Continuously adapts and fine-tunes architecture, configuration standards, and protocols in partnership with Infrastructure and Cyber organizations.
- Partners closely with Information Security, Compliance, and IT leadership to architect solutions that uphold the Firm’s policies, standards, and requirements, preserving the balance between security and quality end-user experience.
- Works closely with IT technical teams to evaluate, apply, and uphold security standards for Firm information, computer, network, and processing systems.
- Intakes and prioritizes the response and remediation of Information Security Incidents and Requests, and measures performance.
- Leads continuous process development, improvement, and automation of Perimeter Defense related solutions and support activities.
- Participates in the design and implementation of recommended information security controls associated with new project application/system deployments.
- Contributes to the design and supports the execution of vulnerability assessments, penetration tests, and security audits.
- College degree is strongly preferred, ideally in Computer Science, Information Systems, or a related technical discipline. Master’s degree is preferred.
- Appropriate technical certification(s) are preferred.
- 5+ years of relevant experience, ideally in a large Law Firm setting, a comparable professional services organization, or a legal information services provider.
- Demonstrated experience working with, and preferably owning, perimeter defense, VPN / Firewall, and Network Infrastructure solutions.
- Demonstrated experience managing the system lifecycle for security solutions, inclusive of ongoing support for security patches, updates, and fixes.
- Demonstrated experience in network switching and routing, firewall and intrusion detection and prevention systems, network, and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).
- Experience with network and system security administration, including operating system security configuration and account management best practices.
- Experience with of SIEM, MDR, E/XDR tools, Windows desktop and server security tools and topics, Azure security, Windows Event logging, syslog, and related telematics topics.
- Experience with vulnerability assessments / techniques, and penetration tools for systems security.
- Experience with encryption & digital certificates, log management, Syslog analysis, and TCP/IP analysis.
- Proven experience working in a fast-paced environment.
- Demonstrated ability to serve as a change agent, leading and inspiring others to act, especially under circumstances when change is unpopular.
- Ability to establish rapport and elicit cooperation from personnel across all levels, including executive management, and cross-functional leadership.
- Ability to develop and motivate technology teams, inclusive of staff, and 3rd party vendors/consultants.
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn’t provide sponsorship