Senior Information Security Engineer

Profile

Senior Information Security Engineer

Duties: Architect security solutions to defend the organization from complex cyber threats. Identify and direct implementation of security improvements across the firm's cloud environment, including IaaS and SaaS solutions. Identify and analyze technology trends and make recommendations on feasibility of cloud service adoption. Provide guidance and oversight on cloud governance issues. Proactively identify vulnerabilities that are applicable to systems and applications, determine their severity and urgency, work with the system owners to determine if and when corrective action will be taken, and perform necessary actions to verify that corrective actions were effective. Develop and update information security policies and procedures while assisting in maintaining compliance with various security standards such as ISO 27001. Ensure that IT security plans, controls, processes, standards, policies and procedures are aligned with IT standards and overall IT security. Audit and configure Active Directory GPO"s and permissions to support a secure environment preferably while leveraging scripting languages such as PowerShell, C Sharp, API integration and other scripting languages. Develop techniques and procedures for evaluation and testing of hardware and software for possible impact on system security while adhering to good systems design and project management principles. Maintain and manage security systems that include: SIEM, Host based firewalls, Network Firewalls, Web Proxy, DLP, PKI, and other network based and end point protection technologies. Collect and compile historical data and logs on system access and network traffic patterns then generate reports, presentations and analyses. Serve as an Incident response leader to handle security events. Apply forensic investigation techniques to document root cause and impact of detected computer security incidents Maintain awareness of new and emerging cyber-attack threats with potential to harm firm systems and networks then recommending new defenses to harden systems. Review more complex existing applications periodically and new applications prior to installation to ensure that the applications adhere to security policies. Perform detailed risk analysis assessment of applications, networks and systems. Keep current with the latest attacks and exploits by attending periodic training and seminars, maintaining a lab environment and participating in relevant events and joining skill enhancing online communities. Maintain, develop and enhance the firm's security training and user awareness programs. Assist with responding to security assessments from current and prospective clients.

Company info

Williams & Connolly LLP
725 Twelfth St. N.W.
Washington
District of Columbia
United States 20005
Website : https://www.wc.com/