1+ months

Senior IT Security Engineer

Orrick, Herrington & Sutcliffe LLP
Wheeling, WV 26003 Work Remotely

What you need to know:  Successful applicants will be required to provide proof of being fully vaccinated against COVID-19 prior to the commencement of employment. Applicants who wish to apply for a medical, religious accommodation or any other accommodation required under applicable law can do so later in the process (accommodations are not guaranteed and are decided on a case by case basis).

Orrick currently has an excellent opportunity for a Senior IT Security Engineer in the Global Operations & Innovation Center (“GOIC”) in Wheeling, WV.    

Are you a high-energy individual who thrives in technology environments? Do you love working with smart, dynamic, collaborative teams? This may be the opportunity you have been looking for!

Your Responsibilities:   

The Senior IT Security Engineer is a member of the IT security team, and provides advanced analysis, troubleshooting and resolution of complex technical issues impacting the company's networks, operating systems, applications, and services. This individual will help secure company systems, identify potential weaknesses, remediate vulnerabilities, conduct security assessments, and investigate and resolve security incidents. They will provide subject matter expertise to internal and external technical teams regarding security best practices for on-premise Microsoft servers, as well as O365, Azure, and other cloud-based solutions. The senior security engineer will identify, select, deploy, and administer various security utilities in support of the overall security program. This role reports to the Manager of Information Security and works closely with the Information Technology team to ensure security standards and best practices are implemented throughout the enterprise.

  • Ensure compliance with security policies, standards, and procedures 
  • Coordinate with firm IT teams, including Systems, Network and Web Engineering teams on implementation and support of key Microsoft/Azure/O365 initiatives.         
  • Provide SME support for new and existing Cloud initiatives security systems for network/ application / database; providing technical support as needed on-premise and in the cloud
  • Assist in maintaining enterprise information security policies, technical standards, guidelines, and procedures necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls
  • Work with engineering and operation teams to implement threat detection signals, deploy new tooling, and improve response capabilities.
  • Identifies, designs, and deploys solutions to secure cloud usage 
  • Identify opportunities for security process improvement and assists in the further development of those processes
  • Conducts audits and/or assessments, to identify cloud-related risks and vulnerabilities and coordinates remediation activities 
  • Tracks and reports on the effectiveness of cloud information security technology controls, processes and policies 
  • Provides threat modeling and risk assessment to identify the risk and severity posture of various systems in cloud environments 
  • Assists with the investigation of security incidents, recommends and implements solutions to remediate or mitigate them 
  • Coordinates with stakeholders and third parties in the security monitoring of cloud environments 
  • Provide subject matter expertise with Office 365 and Microsoft Azure with emphasis in security products and processes such as ATP (Advanced Threat Protection), security policies for Office 365, Azure AD Identity Protection and Conditional Access (CA).
  • Provide subject matter expertise in compliance and data retention, leveraging Office 365, DLP (Data Loss Protection) and CASB (Cloud Access Security Brokers). Provide architecture and security expertise for Microsoft Azure security technologies and strategy.
  • Provide comprehensive security and threat analysis consultation to firm business units, IT teams, and senior management at a high technical level on Microsoft-related firm security initiatives.
  • Provide consultation on higher level services such as IaaS, PaaS and SaaS layers, Authentication/Authorization, Data encryption, Key management and other security services.
  • Maintains current knowledge of relevant security, privacy, and cloud technology trends 
  • Collaborates with stakeholders on integration of cloud security architecture into overall enterprise architecture 
  • Collaborates in the design, development, and implementation of security standards 
>

Your Knowledge, Experience and Education:

  • Five years of experience required; seven years preferred 
  • University (Degree) is preferred

Required Qualifications

  • Five years of hands-on experience with Microsoft O365/M365 and Azure security solutions and architecture

Preferred Qualifications

  • Five years of experience as an Azure/O365 engineer in a 2000+ user environment
  • Minimum Education/Experience: Bachelor’s degree (BA or BS) from an accredited college or university
  • Professional certifications in Information Technology and cloud security; Azure Solutions Architect Certification, Microsoft Azure Architect Technologies (preferred) CCSP, CISA, CEH, OSCP; 
  • Experience with MS Enterprise Mobility and Security Suite (EM+S), Advanced Threat Protection (ATP), Azure Information Protection (AIP), Intune, Microsoft MCAS CASB and MS Azure Security Center Console.
  • In-depth knowledge of Authorization & Authentication in Microsoft hybrid environment and experience with Azure AD including Single Sign On (SSO) and Multi Factor Authentication (MFA).
  • Working knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-53 or OWASP

Who is Orrick? Orrick is a global law firm focused on serving the technology & innovation, energy & infrastructure and finance sectors. Founded more than 150 years ago in San Francisco, Orrick today has offices in 25+ markets worldwide. We are recognized worldwide for delivering the highest-quality legal advice through our diverse teams and for our culture of innovation and collaboration.  Financial Times selected Orrick as the Most Digital Firm of 2020, and in the past five years, the Most Innovative Law Firm of the Year three times and runner-up twice. For the seventh year in a row, Fortune named Orrick to its 2022 list of the 100 Best Companies to Work For.  Learn more about our awesome employee experience here: Fortune 100 Great Place To Work certified company*. 

Orrick offers a collaborative work environment, competitive salary, and excellent benefits, from wellness and mindfulness programs to social impact opportunities, professional staff affinity group communities and generous paid time off. 

Please visit www.orrick.com for more information about the firm. 

How to Apply: If you are searching for a chance to create an impact, you have a little grit and you love working with a team, we want to talk with you. To submit your resume and cover letter for this position, please visit our Staff and Paralegal Opportunities Listings at www.orrick.com/Careers

No phone calls please. 

We are an Equal Opportunity Employer. 

 #LI-KS1

Categories

Posted: 2022-01-28 Expires: 2022-05-29

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Senior IT Security Engineer

Orrick, Herrington & Sutcliffe LLP
Wheeling, WV 26003

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast