Listing Description
The Information Security Engineer will assist in evaluating and advising on
architecture designs to ensure proper security processes and controls are in
place, and assist in reviewing existing security configurations and designs for
weaknesses and identify areas of improvement.
KEY
RESPONSIBILITIES /
ACCOUNTABILITIES
Serve as a technical security SME to advise on proper security
designs for new and existing architecture and services,
Work between Information Security and IT teams to ensure
requirements are incorporated into designs, and escalating risks,
Provide support for engineering, operations, and security teams to
aid in resolving security events,
Oversee IT systems risk assessments and control validation,
Assist in threat modelling to ensure the right security services are
implemented against the right risks, and properly communicate to
relevant stakeholders,
Participate in the change management process,
Provide subject matter expertise in information security as it relates to
- 2 -
SUPP01//6829895.1 Hogan Lovells
networks and systems,
Assist in security incident response,
Monitor appropriate venues for threats to the security of the Hogan
Lovells environment. Provide notification of actions needed to
mitigate threats and manage the threat lifecycle,
Support and assist with external security audits of the firm’s
environment,
Maintain knowledge of the information security needs of firm clients
and implement measures to satisfy those requirements in the most
efficient manner,
Keep abreast of emerging security technologies and discipline
developments. Make appropriate recommendations that meet the
firm's needs,
Provide other teams with security consulting services, including
responding to requests for additional information and assisting with
specific projects.
All members of the firm participate in our Responsible Business program
Specific duties or responsibilities may be reviewed from time to time to reflect
changes in personnel and management structure, staff location or services
PERSON SPECIFICATION
QUALIFICATIONS
AND EXPERIENCE
3 to 5 years of security / cybersecurity experience,
Industry certifications in cybersecurity, such as CISSP, GSEC, CSSP
preferred,
BS degree in computer science, cybersecurity, or related field, or
equivalent work experience,
Familiarity with a variety of security tools and platforms, including
Palo Alto and Microsoft,
Subject matter expertise in areas such as network security, cloud
security, zero trust,
Cloud service experience, including AWS, Azure, and SaaS services
Experience implementing various security control sets, such as NIST,
CSA, HIPAA, PCI, etc,
Direct experience implementing and operating security tools such as
WAF, IPS/IDS, SIEM, DLP, Automation and Orchestration,
Encryption,
Expertise in malware detection technologies and remediation.
GENERAL
ATTRIBUTES
Thorough understanding of the latest security principles, techniques,
and protocols,
Understanding of the OSI model,
Able to communicate clearly and effectively with people from both
technical and non-technical backgrounds,
Understand the information security lifecycle and how to apply a
disciplined approach to security that incorporates business priorities.
Listing Details
- Salary: $90000 - $106000
- Citizenship: Other Citizenship
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Hybrid Telecommute