Buchanan Ingersoll-Rooney
Security Engineer
Buchanan Ingersoll & Rooney is a national law firm with a proven reputation for providing progressive, industry-leading legal, business, regulatory and government relations advice to our regional, national and international clients.

We are currently searching for a Security Engineer (SIEM) in Pittsburgh, PA to join a dynamic and growing security team that is responsible for continually improving the Firm's security posture and will be focused on managing and improving its network, system, identity, and cloud security capabilities. The role will encompass administering the SIEM, EDR, and Identity Protection solutions and leading security event detection, incident response, response automation, threat hunting, and more.

Duties And Responsibilities

Demonstrate expertise in information security solutions, operational practices, threats, and emerging technologies.
Provide subject-matter expertise and administer CrowdStrike EDR/NGAV, Identity Protection, and NG-SIEM.
Lead and improve security event management processes, develop and execute SOPs, and conduct incident response preparation, orchestration, investigation, and reporting.
Liaise with our managed security service providers and ensure continuous process and relationship improvement and maturation.
Administer the Firm's security solutions, including CrowdStrike EDR/NGAV, Identity Protection, NG-SIEM, SEG, PAM/VPAM, EPM, vulnerability scanning, and other security-related technology.
Develop methods and controls for migration-to-cloud strategies including CNAPP, CI/CD Pipeline, DevOps guardrails, and Azure CSP controls and monitoring.
Conduct threat and vulnerability analysis and coordinate attack surface reduction configuration implementation and patching remediation with technical stakeholders.
Maintain awareness of current and emerging threats, vulnerabilities, and vectors of attack and participate in threat modeling, analysis, and reporting.
Effectively deliver reliable and scalable solutions and services, aligned to the Firm's client and shareholder requirements, that reduce risk and balance operational impact and usability.
Develop end user awareness training and reinforce security concepts through engagement, communication, and simulation.
Participate in security governance, develop policies, processes and procedures, measures, and metrics, and ensure compliance with the Firm's security requirements.
Deliver exceptional customer service and provide security and operational consulting, project and design support, cross-training, and troubleshooting to IT Administrators, staff, shareholders, clients, and vendors.

Required Education/Experience

Strong Information Systems and Technology background with at least five (5) years of experience in Information Security.
Ability to communicate clearly and effectively with people from both technical and non-technical backgrounds.
Knowledge and experience with varying information security processes and tools.
Ability to identify security technology risks.
Ability to visualize, plan and execute any areas of process improvement that increase the efficiency and delivery of our security capabilities.
Proficient knowledge of IP networking and public cloud security principles.
Experience managing information security platforms such as EDR, PAM, MFA, SIEM, and NGFW.
Expertise in malware detection technologies and remediation.
Experience in security event management and security incident response processes, tools, and procedures.
Expertise in the following technology providers (or comparable): CrowdStrike, Palo Alto, Tenable, and Azure.
Expertise with network design, operation, security, and monitoring, and with Windows and Linux desktop/server and database security.
Experience with scripting and query languages such as Python, PowerShell, CQL, and XQL.
Understanding of ISO/IEC 27001:2022 ISMS principles.

Why should you work at Buchanan?

Our Firm Offers Outstanding Benefits That Include:

Hybrid work schedules
Generous Paid Time Off
Paid Holidays, including a floating holiday
WorkWell wellness program, including free use of the Calm App
Free use of building gym
Caregiving assistance with Bright Horizons (child, elder, and pet care!)
Access to our Firm-wide emergency assistance fund
Free full access to LinkedIn Learning
Insurance: Medical, Dental, Vision
401K Program
Retirement Savings Program

We are an Equal Opportunity Employer.