WilmerHale (posted 3 months ago)
$142,000 - $177,500/Yr
Full-time • Mid Level
Washington, DC
1,001-5,000 employees
Professional, Scientific, and Technical Services

WilmerHale is a leading, full-service international law firm with 1,000 lawyers located throughout 12 offices in the United States, Europe and Asia. Our lawyers work at the intersection of government, technology and business, and we remain committed to our guiding principles: providing excellent legal and client service; developing diversity among our lawyers and staff; and cultivating an environment that promotes an ambitious spirit, collaboration and collegiality by drawing on the extraordinary talents and dynamic experience of our lawyers. Our goal is to reflect the diversity of our clients and the communities in which we practice.

The Senior Cybersecurity Engineer serves as the expert providing solutions and services to defend against malicious threats by delivering foundational security solutions and services. The role must identify evolving trends, weaknesses, and vulnerabilities and craft robust countermeasures to prevent malicious attacks. The role develops, implements, and supervises cybersecurity technology solutions and Tier I, II and III security operations center (SOC) contracted services to protect information resources, services, infrastructure, and endpoint solutions. The role must design and implement cybersecurity strategies and contribute to a comprehensive cybersecurity architecture. The expert identifies, defines, and documents system security requirements and recommends solutions to senior management. Additionally, the role configures, troubleshoots, and maintains security infrastructure software and hardware in coordination with the IT infrastructure, application, help desk and endpoint management functional groups. The person leads in monitoring systems for irregular behavior and sets up preventive measures. In partnership with the Director of Information Security, the person plans, develops, implements, and updates the firm's information security strategy.
The expert investigates and analyzes all response activities related to cybersecurity incidents within the IT enterprise and external party systems and services. The expert collects data/logs/events/alerts from a variety of IT systems and tools including intrusion detection/prevention, insider threat, data loss prevention, endpoint detection response, firewall, antivirus, email security gateway, infrastructure, and host systems to analyze events that occur across the information technology enterprise and Internet interface.

  • Detect, identify, report, respond to, and recover from possible malicious attacks/intrusions, anomalous activity, and misuse.
  • Administer technologies that directly support cybersecurity and the protection of firm information technology systems, services, data resources, and firm/client data.
  • Provides cybersecurity operational support for identity and access, access control, endpoint protection, firewalls, intrusion detection, network controls, software patch, endpoint, and vulnerability management.
  • Provides cybersecurity operational support to service tickets, reporting and dashboard reporting.
  • Regularly audits and reviews the technical configuration and operational policies of information security tools and works with governance, risk and compliance (GRC) personnel and auditors to ensure compliance across firm systems.
  • Recommends and implements mitigation actions in response to sophisticated information security vulnerabilities, applying risk mitigation concepts based on analysis and on ISO 27001 and NIST guidance.
  • Performs scripting and information analysis in general support of firm technology infrastructure.
  • Perform initial, forensically sound collection of log data and security events to support security event investigation and analysis.
  • Provides options for persistent monitoring of all designated networks, enclaves, and systems.
  • Coordinate and support information security remediation projects and plan-of-action activities to ensure they are efficiently implemented across Information Services departments and report on progress to management.
  • Lead the analysis of alerts, notifications, events, and log entries from several sources, including security information and event management (SIEM) and endpoint detection and response (EDR) tools and managed security service providers (MSSPs), and correlate incident data to identify specific vulnerabilities and appropriate remediations.
  • Leads contractors to complete network, system, or application vulnerability assessments and penetration testing using reverse engineering techniques to analyze impacts to firm systems.
  • Evaluate system security configurations and provide recommendations for the remediation of weaknesses through technical or non-technical changes that improve the security posture of the firm.
  • Coordinate cyber defense and incident triage, including ascertaining scope, vitality, and potential impact, identifying the specific vulnerability, and making recommendations that enable immediate and complete remediation and threat mitigation.
  • Demonstrated problem solving abilities, analytical skills, and demonstrable ability to meet ambitious deadlines required.
  • Makes logical conclusions, anticipates obstacles, and considers different approaches that are relevant to the decision-making process.
  • Ability to lead as part of a cybersecurity threat response team, with coordination of efforts between internal IT groups and contractors.
  • Experience with the use and development of a Splunk security information and event management (SIEM) system, DLP solutions, UEBA tools, and host/network forensic solutions.
  • Authority in the fundamentals of quantitative and qualitative risk scoring, threat analysis, and threat modeling.
  • Experience and work knowledge of MITRE ATT&CK/D3FEND, NIST and Center for Internet Security (CIS) standards and frameworks.
  • Experience with MS Windows Active Directory (AD) and Azure AD security monitoring.
  • Proven experience with custom scripting and Python for log analysis, data collection, and the production of security reports and dashboards.
  • Effectively meets challenges, influences, and drives consensus within the team.
  • Proven interpersonal and written communication skills.
  • Security certification (e.g., CISSP, CEH, CompTIA Security+) preferred.
  • 401k
  • health insurance
  • dental insurance
  • vision insurance
  • life insurance
  • disability insurance
  • paid holidays
  • paid volunteer time
  • tuition reimbursement
  • professional development
© 2024 Teal Labs, Inc