Network Security Engineer

Network Security Engineer Job Description Summary Jeffer Mangels Butler & Mitchell LLP (JMBM) is a results-driven law firm with a relentless focus on client satisfaction. It is through this focus that our work has a purpose and develops into a passion. We take pride in providing our clients with the results they deserve. If you thrive in an environment where your colleagues' defining characteristics are achievement, adaptability, initiative, professionalism, and resourcefulness, the culture at JMBM will prove rewarding. We are excited to invite a Network Security Engineer to join our dynamic IT team. This role is ideal for someone who is enthusiastic about securing critical infrastructure and ensuring the confidentiality, integrity, and availability of data in a fast-paced legal environment. You'll begin by helping us assess and enhance our network architecture, then shift into a security-centric role that protects the digital foundation of our attorneys, staff, and clients. This position is hands-on, proactive, and collaborative-perfect for someone who thrives on solving complex challenges and building resilient systems. If you're passionate about both networking and security, and ready to make a tangible impact, we want to hear from you! Essential Duties Design, implement, and manage Layer 2/Layer 3 network infrastructures, including advanced switching, routing, and inter-VLAN routing. Configure and maintain routing protocols such as BGP, OSPF, and static routes to ensure network stability, scalability, and high availability. Manage VLANs, spanning tree protocols, and link aggregation (LACP/EtherChannel) to optimize redundancy and throughput. Administer and secure networks using firewall policies, NAT rules, and VPN management on platforms like Palo Alto and Meraki. Implement network segmentation strategies and least-privilege architectures to support the firm's Zero Trust security model. Administer and enforce secure access practices, including MFA, SSO, and conditional access policies across Microsoft 365 and VPN platforms. Manage and optimize email and web security solutions (e.g., Mimecast, Forcepoint) to defend against phishing, malware, and advanced persistent threats. Deploy and maintain endpoint detection and response (EDR) solutions such as SentinelOne to protect all firm-managed user devices. Leverage tools like Darktrace, SolarWinds, and Nessus to proactively detect anomalous behavior, assess vulnerabilities, and respond to emerging threats in real time. Monitor and improve the firm's cybersecurity posture using SIEM platforms, IDS/IPS tools, and vulnerability management workflows. Investigate, document, and respond to security incidents, unauthorized activity, and alerts with urgency and professionalism. Collaborate closely with infrastructure, applications, and help desk teams to ensure alignment with security standards and assist in troubleshooting complex issues. Provide guidance and root cause analysis for escalated issues and support cases affecting WAN/LAN, wireless, and fiber optic networks. Contribute to disaster recovery and business continuity planning through network redundancy, resiliency testing, and failover strategy support. Participate in compliance audits, client security reviews, and internal risk assessments. Continuously evaluate new security technologies and best practices to improve the firm's defenses and operational efficiency. Qualifications Bachelor's degree in Computer Science, Information Systems, or related field preferred, or equivalent combination of education, training, and hands-on experience. Minimum 5 years of experience in network, security, or IT infrastructure roles. In-depth knowledge of networking protocols (TCP/IP, DNS, DHCP, BGP), segmentation, and routing/switching principles. Hands-on experience configuring and managing firewalls and VPN technologies. Strong understanding of cybersecurity principles, tools, and frameworks (e.g., NIST, CIS Controls, ISO 27001). Experience conducting risk assessments and implementing remediation strategies in professional services or legal environments preferred. Excellent diagnostic and troubleshooting skills in both networking and security contexts. Security certifications such as CISSP, CISM, CEH, CCNP Security, or similar are a plus. Position: Non-Exempt Location: Century City. 5 days onsite for the first 90-days, then 3 days per week onsite, 2 days remote thereafter. Salary: $110k-$150k Internal Privacy Policy #J-18808-Ljbffr