Listing Description
The Information Security Engineer will assist in evaluating and advising on architecture designs to ensure proper security processes and controls are in place, and assist in reviewing existing security configurations and designs for weaknesses and identify areas of improvement.
KEY RESPONSIBILITIES
Serve as a technical security SME to advise on proper security designs for new and existing architecture and services,
Work between Information Security and IT teams to ensure requirements are incorporated into designs, and escalating risks,
Provide support for engineering, operations, and security teams to aid in resolving security events
Oversee IT systems risk assessments and control validation,
Assist in threat modelling to ensure the right security services are implemented against the right risks, and properly communicate to relevant stakeholders,
Participate in the change management process,
Provide subject matter expertise in information security as it relates to networks and systems
Assist in security incident response,
Monitor appropriate venues for threats to the security of the Hogan Lovells environment. Provide notification of actions needed to mitigate threats and manage the threat lifecycle,
Support and assist with external security audits of the firm’s environment
Maintain knowledge of the information security needs of firm clients and implement measures to satisfy those requirements in the most efficient manner,
Keep abreast of emerging security technologies and discipline developments. Make appropriate recommendations that meet the firms needs,
Provide other teams with security consulting services, including responding to requests for additional information and assisting with specific projects.
All members of the firm participate in our Responsible Business program
Specific duties or responsibilities may be reviewed from time to time to reflect changes in personnel and management structure, staff location or services
QUALIFICATIONS AND EXPERIENCE
3 to 5 years of security / cybersecurity experience,
Industry certifications in cybersecurity, such as CISSP, GSEC, CSSP preferred
BS degree in computer science, cybersecurity, or related field, or equivalent work experience,
Familiarity with a variety of security tools and platforms, including Palo Alto and Microsoft
Subject matter expertise in areas such as network security, cloud security, zero trust,
Cloud service experience, including AWS, Azure, and SaaS services
Experience implementing various security control sets, such as NIST, CSA, HIPAA, PCI, etc,
Direct experience implementing and operating security tools such as WAF, IPS/IDS, SIEM, DLP, Automation and Orchestration, Encryption,
Expertise in malware detection technologies and remediation.
GENERAL ATTRIBUTES
Thorough understanding of the latest security principles, techniques, and protocols,
Understanding of the OSI model,
Able to communicate clearly and effectively with people from both technical and non-technical backgrounds,
Understand the information security lifecycle and how to apply a disciplined approach to security that incorporates business priorities.
Listing Details
- Salary: $90000 - $106000
- Citizenship: Other Citizenship
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Hybrid Telecommute