ZwillGen
Join to apply for the
IT Security Engineer
role at
ZwillGen ZwillGen is a boutique law firm that represents some of the biggest names in technology on a range of Internet‑related legal issues, including cybersecurity, privacy, government surveillance, alternative data, and fantasy sports. We offer a hard‑working, joyful, and casual work environment. ZwillGen PLLC is looking for an IT Security Engineer who is ready to hit the ground running, hungry for a challenge and wants to work in a predominantly Mac OS environment. The Security Engineer will be responsible for implementing and maintaining robust security measures to protect the firm’s sensitive data, including client and firm information, legal documents, and communications. The ideal candidate will have a deep understanding of cybersecurity principles, experience with security infrastructure, and the ability to anticipate and mitigate potential security threats. Key Responsibilities
Conduct regular security assessments, vulnerability testing, and risk analysis to identify potential threats to the firm’s IT systems and recommend and implement appropriate risk mitigation strategies. Serve as the primary contact for third‑party audits of the firm’s security practices in connection with potential certifications (ISO). Develop and maintain incident response plans, corporate security policies, and procedures. Lead investigations of security incidents, respond promptly to security incidents, and conduct regular IRP testing. Ensure compliance with relevant legal and regulatory requirements (e.g., CCPA, GDPR, HIPAA) and develop, update, and enforce security policies and procedures tailored to the law‑firm environment. Work with external teams (SOC, EDR vendors) to continuously monitor network traffic, security logs, and alerts for suspicious activity, and generate and present regular reports on the security status to senior management. Manage and deliver security awareness training for staff, promoting best practices and reducing the risk of human error. Administer and maintain user endpoint security measures and provide expertise in all security‑related applications and software. Review, complete, and submit third‑party security questionnaires from clients and review outside‑counsel guidelines. Work closely with legal teams, IT staff, and external vendors to ensure that security measures are integrated into all aspects of the firm’s operations, including new projects and technologies. Manage the regular updates and patching of security agents, systems, and software to protect against vulnerabilities. Assist in the design, implementation, and management of the firm’s security solutions, including firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus software, encryption protocols, and secure access controls. Collaborate with the IT team and other administrative personnel in review of new or existing systems and software to ensure security requirements are satisfied (including risk assessment). Manage the firm’s vendor management program, including evaluation and audit of security practices of third‑party vendors. Other duties may be assigned. Qualifications
Bachelor’s degree in Computer Science, Information Security, or a related field. Equivalent experience may be considered. Minimum of 5+ years of a similar level role in cybersecurity, with a focus on security engineering. Experience in the legal or financial sector is a plus. Industry certifications such as CISSP, CISM, or equivalent are highly desirable. Technical Skills
Proficiency in security technologies, including firewalls, VPNs, SIEMs, IDS/IPS, and endpoint protection. Strong understanding of encryption technologies, secure coding practices, and network security protocols. Familiarity with compliance requirements such as CCPA, GDPR, HIPAA, and other relevant regulations. General knowledge of security certifications (e.g., ISO, SOC). Strong problem‑solving and analytical skills, with the ability to identify and mitigate risks effectively. Excellent written and verbal communication skills, with the ability to convey complex security concepts to non‑technical staff. High level of attention to detail and the ability to manage multiple tasks in a fast‑paced environment. Experience with cloud platforms such as Microsoft Azure, MFA, and identity components within Entra (Enterprise Applications/App Registrations, etc.). Why Join Us?
Opportunity to work in a dynamic and respected law firm with a commitment to data security and client confidentiality. Collaborate with a dedicated team of professionals in a supportive and inclusive work environment. Competitive salary and benefits package, including opportunities for professional development. Compensation
ZwillGen is committed to providing transparency in compensation, in accordance with applicable wage transparency laws. The salary range for this position is $130,000 – $170,000 annually. Actual compensation will be determined based on factors such as the candidate’s qualifications, skills, and experience. In addition, ZwillGen offers a comprehensive benefits package, including medical, dental and vision insurance, a 401(k) retirement plan, paid time off, and short‑term and long‑term disability coverage, which are available to employees in this role.
#J-18808-Ljbffr
IT Security Engineer
role at
ZwillGen ZwillGen is a boutique law firm that represents some of the biggest names in technology on a range of Internet‑related legal issues, including cybersecurity, privacy, government surveillance, alternative data, and fantasy sports. We offer a hard‑working, joyful, and casual work environment. ZwillGen PLLC is looking for an IT Security Engineer who is ready to hit the ground running, hungry for a challenge and wants to work in a predominantly Mac OS environment. The Security Engineer will be responsible for implementing and maintaining robust security measures to protect the firm’s sensitive data, including client and firm information, legal documents, and communications. The ideal candidate will have a deep understanding of cybersecurity principles, experience with security infrastructure, and the ability to anticipate and mitigate potential security threats. Key Responsibilities
Conduct regular security assessments, vulnerability testing, and risk analysis to identify potential threats to the firm’s IT systems and recommend and implement appropriate risk mitigation strategies. Serve as the primary contact for third‑party audits of the firm’s security practices in connection with potential certifications (ISO). Develop and maintain incident response plans, corporate security policies, and procedures. Lead investigations of security incidents, respond promptly to security incidents, and conduct regular IRP testing. Ensure compliance with relevant legal and regulatory requirements (e.g., CCPA, GDPR, HIPAA) and develop, update, and enforce security policies and procedures tailored to the law‑firm environment. Work with external teams (SOC, EDR vendors) to continuously monitor network traffic, security logs, and alerts for suspicious activity, and generate and present regular reports on the security status to senior management. Manage and deliver security awareness training for staff, promoting best practices and reducing the risk of human error. Administer and maintain user endpoint security measures and provide expertise in all security‑related applications and software. Review, complete, and submit third‑party security questionnaires from clients and review outside‑counsel guidelines. Work closely with legal teams, IT staff, and external vendors to ensure that security measures are integrated into all aspects of the firm’s operations, including new projects and technologies. Manage the regular updates and patching of security agents, systems, and software to protect against vulnerabilities. Assist in the design, implementation, and management of the firm’s security solutions, including firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus software, encryption protocols, and secure access controls. Collaborate with the IT team and other administrative personnel in review of new or existing systems and software to ensure security requirements are satisfied (including risk assessment). Manage the firm’s vendor management program, including evaluation and audit of security practices of third‑party vendors. Other duties may be assigned. Qualifications
Bachelor’s degree in Computer Science, Information Security, or a related field. Equivalent experience may be considered. Minimum of 5+ years of a similar level role in cybersecurity, with a focus on security engineering. Experience in the legal or financial sector is a plus. Industry certifications such as CISSP, CISM, or equivalent are highly desirable. Technical Skills
Proficiency in security technologies, including firewalls, VPNs, SIEMs, IDS/IPS, and endpoint protection. Strong understanding of encryption technologies, secure coding practices, and network security protocols. Familiarity with compliance requirements such as CCPA, GDPR, HIPAA, and other relevant regulations. General knowledge of security certifications (e.g., ISO, SOC). Strong problem‑solving and analytical skills, with the ability to identify and mitigate risks effectively. Excellent written and verbal communication skills, with the ability to convey complex security concepts to non‑technical staff. High level of attention to detail and the ability to manage multiple tasks in a fast‑paced environment. Experience with cloud platforms such as Microsoft Azure, MFA, and identity components within Entra (Enterprise Applications/App Registrations, etc.). Why Join Us?
Opportunity to work in a dynamic and respected law firm with a commitment to data security and client confidentiality. Collaborate with a dedicated team of professionals in a supportive and inclusive work environment. Competitive salary and benefits package, including opportunities for professional development. Compensation
ZwillGen is committed to providing transparency in compensation, in accordance with applicable wage transparency laws. The salary range for this position is $130,000 – $170,000 annually. Actual compensation will be determined based on factors such as the candidate’s qualifications, skills, and experience. In addition, ZwillGen offers a comprehensive benefits package, including medical, dental and vision insurance, a 401(k) retirement plan, paid time off, and short‑term and long‑term disability coverage, which are available to employees in this role.
#J-18808-Ljbffr