Enterprise Security Engineer

About The Position

Requirements

• A bachelor's degree or equivalent; sufficient Security and Technology experience may be considered in lieu of degree
• A willingness to obtain additional security-related degrees as recommended by the firm
• An active security certification from a recognized authority
• A minimum of eight (8) years of experience in information technology, including information security
• The ability to communicate technical, security and risk issues to non-technical staff
• Proficiency in Microsoft Windows and Linux operating systems
• Experience with Network and firewall configuration and management
• Skills in vulnerability assessment, incident response, and penetration testing
• Experience supporting mobile devices and hardens systems/applications
• Experience in utilizing SIEM, SOAR, EDR, and similar security tools
• Experience in conducting threat intelligence research

Nice To Haves

• Law office experience and Python/programming skills, preferably

Responsibilities

• Leading the end-to-end lifecycle to review and responding to information security challenges; assessing the current and/or proposed technical/security configuration; gathering and validating requirements and constraints; researching and comparing viable solutions; recommending the best option, calling out advantages and disadvantages; supporting implementation, validation, and tracking progress to completion, including operational handoff
• Performing secure design reviews, threat modeling, and control mapping for new initiatives and significant changes; identifying security gaps and proposing pragmatic mitigations aligned to standards and risk tolerance
• Partnering with infrastructure and application owners to plan and drive remediation for complex and high-impact findings, including prioritization, technical approach, and validation of fixes; ensuring timelines are met and risks are tracked to closure
• Developing and communicating clear, outcome-oriented security metrics and narratives for technical and non-technical stakeholders; translating complex issues into actionable recommendations
• Serving as a subject matter expert, mentoring analysts and specialists, and raising the overall capability of the security function through training, pairing, and knowledge sharing
• Protecting and maintaining any highly sensitive, confidential, privileged, financial, and/or proprietary information that Latham & Watkins retains

Benefits

• Healthcare, life and disability insurance
• A generous 401k plan
• At least 11 paid holidays per year, and a PTO program that accrues 23 days during the first year of employment and grows with tenure
• Well-being programs (e.g. mental health services, mindfulness and resiliency, medical resources, well-being events, and more)
• Professional development programs
• Employee discounts
• Affinity groups, networks, and coalitions for lawyers and staff