SourcePro Search

Senior Security Engineer

SourcePro Search, Los Angeles, California, United States, 90079

SourcePro Search has a fantastic opportunity for an experienced Senior Security Engineer in our global law firm client's Los Angeles office.

The Senior Security Engineer is a hands‑on role that requires a high level of technical expertise and will be responsible for a broad range of tasks, including day‑to‑day administration of cybersecurity tools and devices, and on‑point incident response. In addition, this position will have significant responsibilities for the administration, engineering, auditing, and documentation of various IT Security related systems across the enterprise. This role will work closely with the Enterprise Architecture and Service Delivery (EA&SD) team, and the Senior Security Engineer will assist with the Service Delivery (SD) platform and Cloud security posture, including Disaster Recovery (DR)/Business Continuity (BC) programs, vulnerability assessment findings, Zero Day vulnerabilities, posture‑related exercises so that Information Security directives and activities align with Loeb’s data security policy, ISO 27001:2022 and client audit requirements/directives, etc.

What You'll Do:

Working alongside the Service Delivery team and IT vendors, take instructions from the CISO and Director of EA&SD for the installation and configuration of security‑related systems; assist with the security posture of the various platforms and applications (Zero Trust); assist with Group Policy; assist with Zero Day vulnerabilities across all on‑premises and cloud‑related systems.

Provide first‑line and on‑call support for security incident escalation and remediation 24x7, 365.

Assist and train junior team members in the use of security tools, the preparation of security reports, and the resolution of security issues; cross‑train engineers where applicable (Desktop Analysts, 2nd tier, SD Team).

Report unresolved network security exposures, misuse of resources or non‑compliance situations using defined escalation processes.

Develop and maintain documentation for security systems and procedures.

Responsible for creating and maintaining security‑related documentation as directed by the CISO, Director of EA&SD and Security Manager of Governance, Risk and Compliance or the associated project team.

Have strong knowledge of on‑premises and Cloud (primarily Azure/MS E5 related platforms) Identity Management & Policy Control.

Responsibility for AD, PIM/PAM, LAPS, and associated technologies for privilege management, driving Zero Trust design with the CISO and Director of EA&SD.

Perform normal and exceptional processing of user access and change requests, escalating such requests when appropriate and following Incident Management and Change Management guidelines.

Disaster Recovery and Business Continuity:

Participate in and lead preparing, planning and testing Disaster Recovery initiatives, partnering with the CISO, the Director of EA&SD and the SD team.

Partner with the CISO and Director of EA&SD on the continuous improvement of all DR/BC systems, given the results from testing these systems, and recalibrate and document MTD, RPO, and RTP.

Event Management/SIEM Management:

Respond to, and where appropriate, resolve or escalate reported security incidents.

Monitor system logs, SIEM tools, and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.

Investigate and resolve security violations, provide post‑mortem analysis and lead post‑incident review determining any continuous improvement objectives (necessary changes to process or systems) that would prevent such incidents from reoccurring; feed Known Problem and Incident Response Management policies and procedures as necessary.

Manage and monitor external Security Operation Centers to ensure appropriate configurations are maintained and incidents remediated.

Service Delivery Platform Protection:

Partner as needed in Service Delivery projects to develop, plan and implement security configuration items.

Lead 3rd‑party review of firewalls and partner with the Senior Network Engineer.

Partner as needed with SD teams installing and testing new security software and technologies.

Support data encryption deployments, including key management and documentation.

Support the Manager of Governance, Risk and Compliance, assist with the gathering of security audit related artifacts for Configuration Item identification across all of IT and Business Services, and maintain a compliance‑related central repository to store all artifacts in a central location; eliminate the need for repeat requests tied to audits.

Coordinate remediation required by audits and document exceptions as necessary.

Lead vulnerability management scanning, reporting and remediation, partnering with the Service Delivery (SD) team and associated IT vendors.

Lead penetration testing for all platforms, partnering with the vendor and SD team to complete posture remediation.

Responsibility for endpoint vulnerability clients:

Microsoft Defender for Endpoint policies, endpoint control, Microsoft E5 use and continuous improvement, vulnerability endpoint clients, DNS and Secure Web Gateway, etc.

Research threats and vulnerabilities (personal effort, vendor‑related feedback, vulnerability management platforms, industry groups and news alerts), and where appropriate take action to mitigate threats and coordinate remediation of the vulnerabilities across Service Delivery associated platforms.

Collate security incident and event data to produce monthly exception and management reports; work with the Supervisor of Help Desk and Process to contribute to monthly IT operational reporting.

Incident Response: on‑point 24x7, 365, for all incident response related actions.

Partner with Incident Response retainer vendors in the identification and remediation of the threat, partnering with and leading the SD team efforts across platforms given associated engineering tasks.

Maintain security diagrams.

Participate and support cybersecurity architectural requirements as directed by the CISO and Director of EA&SD.

Participate in cybersecurity working groups.

What You'll Bring:

Bachelor of Science in Computer Science or a related field or a minimum of 5 years of comparable work experience.

Five or more years of work experience as a System Security Engineer or related position.

Proven experience developing, operating, and maintaining security systems.

Extensive knowledge of Azure, MS E5, Sentinel, Defender for Endpoint, Tenable, Varonis, Fortigate, and Cisco Firewall, including operating system and database security.

Proficiency in networking technologies, network security, and network monitoring solutions.

Knowledge of security systems, including anti‑virus applications, content filtering, firewalls, authentication systems, and intrusion detection and notification systems.

Security certifications such as CISSP, CISM, CCNA‑S, CISA, GIAC.

Experience with scripting automation using Python, Bash & PowerShell.

Proven experience building security reference architecture for on‑premises, all‑in‑cloud deployments, and hybrid scenarios.

Implementation experience with enterprise security solutions such as Endpoint Protection (DLP/Allow‑listing/HIPS), WAF, IPS, Anti‑DDoS, and SIEM/FIM.

In‑depth knowledge of security protocols and principles.

Exceptional communication skills, critical‑thinking skills, and ability to solve complex problems.
