Senior Security Engineer

We have a great opportunity for an experienced Senior Security Engineer in our global law firm client's Los Angeles office. The Senior Security Engineer is a hands-on role that requires a high level of technical expertise and will be responsible for a broad range of tasks, including day-to-day administration of cybersecurity tools and devices, and on point incident response. In addition, this position will have significant responsibilities for the administration, engineering, auditing, and documentation of various IT Security related systems across the enterprise. This role will work closely with the Enterprise Architecture and Service Delivery (EA&SD) team, and the Senior Security Engineer will assist with the Service Delivery (SD) platform and Cloud security posture, including: Disaster Recovery (DR)/Business Continuity (BC) programs, vulnerability assessment findings, Zero Day vulnerabilities, posture related exercises so that Information Security directives and activities align with Loeb's data security policy, ISO 27001:2022 and client audit requirements/directives, etc. What You'll Do: - Working alongside the Service Delivery team and IT vendors, takes instructions from the CISO and Director of EA&SD for the installation and configuration of Security related systems; assists with the Security posture of the various platforms and applications (Zero Trust); assists with Group Policy; assists with Zero Day vulnerabilities and across all on premises and cloud related systems. - Provides first-line and on-call support for security incident escalation and remediation 24x7, 365. - Assists and trains junior team members in the use of security tools, the preparation of security reports, and the resolution of security issues; cross trains engineers where applicable (Desktop Analysts, 2nd tier, SD Team) - Reports unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes - Develops and maintains documentation for security systems and procedures - Responsibility in creating and maintaining Security related documentation as directed by the CISO, Director of EA&SD and Security Manager of Governance, Risk and Compliance or the associated project team. - Has strong knowledge of on premises and Cloud (primarily Azure/MS E5 related platforms) Identity Management & Policy Control - Responsibility for AD, PIM/PAM, LAPs, and associated technologies for privilege management - Driving Zero Trust design with CISO and Director of EA&SD - Performs normal and exceptional processing of user access and change requests, escalating such requests when appropriate and following Incident Management and Change Management guidelines. Disaster Recovery and Business Continuity - Participates in and leads preparing, planning and testing Disaster Recovery initiatives partnering with the CISO and Director of SD&EA and the SD team. - Partners with CISO and Director of EA&SD on the continuous improvement of all DR/BC systems, given the results from testing these systems and recalibrate and document MTD, RPO, and RTP. Event Management/SIEM Management - Responds to, and where appropriate, resolves or escalates reported security incidents - Monitors system logs, SIEM tools, and network traffic for unusual or suspicious activity. Interprets such activity and makes recommendations for resolution - Investigates and resolves security violations , provides postmortem analysis and leads post incident review determining any continuous improvement objectives (necessary changes to process or systems) that would prevent such incidents from reoccurring; feeds Known Problem and Incident Response Management policies and procedures as necessary. - Manage and monitor external Security Operation Centers to ensure appropriate configurations are maintained and incidents remediated Service Delivery Platform Protection - Partners as needed in Service Delivery projects to develop, plan and implement Security configuration items - Leads 3rd party review of firewalls and partnering with the Senior Network Engineer - Partners as needed with SD teams installing and testing new security software and technologies - Supports data encryption deployments, including key management and documentation Risk, Control, Threat and Vulnerability Management - Supporting the Manager of Governance, Risk and Compliance, assists with the gathering of security audit related artifacts for Configuration Item identification; across all of IT and Business Services , and maintains a compliance related central repository to store all artifacts in a central location; eliminates the need for repeat requests tied to audits - Coordinates remediation required by audits and documents exceptions as necessary - Leads vulnerability management scanning, reporting and remediation, partnering with the Service Delivery (SD) team and associated IT vendors. - Leads penetration testing for all platforms partnering with the vendor and SD team to complete posture remediation. - Responsibility for endpoint vulnerability clients. - Microsoft Defender for Endpoint policies, Endpoint control, Microsoft E5 use and continuous improvement, vulnerability endpoint clients, DNS and Secure Web Gateway, etc. - Research threats and vulnerabilities(personal effort, vendor related feedback, vulnerability management platforms, industry groups and news alerts ), and where appropriate take action to mitigate threats and coordinate remediation of the vulnerabilities across Service Delivery associated platforms. - Collates security incident and event data to produce monthly exception and management reports; works with the Supervisor of Help Desk and Process to contribute to monthly IT operational reporting. Incident Response - On Point 24x7, 365, for all incident response related actions - Partners with Incident Response retainer vendors in the identification and remediation of the threat, partnering with and leading the SD team efforts across platforms given associated engineering tasks. Security Engineering - Maintains security diagrams - Participates and supports cybersecurity architectural requirements as directed by the CISO and Director of EA&SD - Participates in cybersecurity working groups What You'll Bring: - Bachelor of Science in Computer Science or a related field or a minimum of 5 years of comparable work experience - Five or more years of work experience as a System Security Engineer or related position - Proven experience developing, operating, and maintaining security systems - Extensive knowledge of Azure, MS E5, Sentinel, Defender for Endpoint, Tenable, Varonis, Fortigate, and Cisco Firewall, including operating system, database security - Proficiency in networking technologies, network security, and network monitoring solutions - Knowledge of security systems, including anti-virus applications, content filtering, firewalls, authentication systems, and intrusion detection and notification systems - Security Certifications such as CISSP, CISM, CCNA-S, CISA, GIAC - Experience with scripting automation using Python, Bash & PowerShell - Proven experience building security reference architecture for on premises, all-in-cloud deployments, and hybrid scenarios - Implementation experience with enterprise security solutions such as Endpoint Protection (DLP/Allow listing/HIPS), WAF, IPS, Anti-DDOS, and SIEM/FIM. - In-depth knowledge of security protocols and principles - Exceptional communication skills, critical thinking skills and ability to solve complex problems