Security Engineer (DLP)

Benesch Law•Chicago, IL

20d•$119,000 - $142,000•Hybrid

About The Position

Benesch is a rapidly growing law firm recognized for attracting and retaining top talent, earning placements on Chicago and Cleveland's Top Workplaces lists and advancing on the AmLaw 150 list. The firm is committed to providing a positive work environment, offering a hybrid schedule, career development, transparent leadership, and celebrating diversity, equity, and inclusion. Benesch has offices in Chicago, Columbus, San Francisco, New York City, and Wilmington. The firm is seeking a Security Engineer (DLP) for its Chicago office, a hybrid position with work-from-home flexibility. This role is ideal for an individual passionate about security engineering, with a strong emphasis on enhancing cybersecurity postures through endpoint security, security engineering support, and project participation. The position involves building secure, resilient systems, configuring firewalls, intrusion detection systems, and security tools, and requires solid experience with Netskope DLP. The ideal candidate will bring technical expertise, risk-based prioritization, experience in building and improving security disciplines, strategic thinking, and a collaborative spirit to drive security innovation and resilience.

Requirements

Bachelor's degree in Computer Science, Cybersecurity, or related field (Master's preferred).
5+ years of experience in security engineering across multiple disciplines including incident response, red, purple and blue team activities, endpoint controls.
Hands-on experience with DLP, CASB, and cloud-native security tools including Netskope DLP.
Solid understanding of cloud platforms (AWS, Azure, GCP) and associated security services.
Understanding and practical experience with incident response activities.
Familiarity with frameworks such as NIST CSF, MITRE ATT&CK, ISO 27001 and CIS Benchmarks and aligning the security program with the framework.
Relevant certifications (e.g., CISSP, CCSP, AWS Security Specialty, GIAC) are a plus.

Nice To Haves

Experience with EDR, SIEM integration and DLP.
Strong analytical, communication, and project management skills.
Ability to mentor junior analysts and support cross-functional initiatives.

Responsibilities

Support end-to-end execution of diverse security projects including: Endpoint Detection & Response (EDR) deployments.
Ongoing vulnerability assessment and penetration testing activities.
Security automation and orchestration initiatives.
Hardening and baseline creation, implementation and auditing.
Identity & Access Management (IAM) enhancements.
Recommend, evaluate and implement new security technologies and tools.
Monitor and analyze security events using SIEM and other detection platforms.
Lead investigations and coordinate response efforts for security incidents.
Develop and maintain incident response runbooks and tabletop exercises.
Recommend, implement, and support SIEM and threat intelligence enhancements
Lead deployment and tuning of DLP and CASB solutions to safeguard sensitive data across endpoints, cloud services, and email platforms.
Monitor and respond to data exfiltration attempts and policy violations.
Conduct regular reviews of data access and usage patterns to identify anomalies.
Assist with implementing and supporting secure cloud architectures across AWS, Azure, and/or GCP, identify risks and provide recommendations.
Enforce and audit cloud security policies, standards, and best practices.
Evaluating existing posture and providing risk-based recommendations for improvement.
Support internal and external audits, risk assessments, and compliance initiatives (e.g., NIST, ISO 27001, SOC 2).
Maintain documentation and key metrics for security controls and processes.
Collaborate with governance and risk teams to align technical controls with policy requirements.