Cozen O Connor
Security Engineer
Cozen O Connor, Phila, Pennsylvania, United States, 19117
The Security Engineer will work in conjunction with a team of IT operations professionals to ensure the Firm's data, computer systems, and infrastructure are secure through analysis, testing, and investigation. The Security Engineer will take a lead role in performing necessary installations, upgrades, and improvements for the Firm's current cybersecurity infrastructure.
Primary Responsibilities:
Collaborate with the Firm's Information Technology leadership to develop and update strategy to support the Firm's security architecturePartners with various business groups in the Firm to ensure security best practices are followed in the design and implementation of new projectsAdministers vulnerability management platform, including configurations, vulnerability scanning, reporting, and endpoint agent updatesAdministers EDR platform, including event investigations, alert and report design, policy configurations, and endpoint agent updatesWorks with Cloud Engineer and Operations staff to ensure Microsoft cloud design and implementation follow security best-practicesConducts regular audits to ensure EDR and vulnerability scanning applications are installed and functioning as expectedMonitors SIEM and Microsoft Azure environment for evidence of current or previous security events, as well as, performs improvements to Splunk alerts, reports, and dashboardsLeads incident response in cases of confirmed security incidents, including minimization of business impact, communication of findings and mitigation, forensics collection, and hardening recommendationsMonitors outside threat intelligence sources for both general industry and the legal industry and makes recommendations to ensure the firm is well positioned against future threatsWorks with technical operations teams to ensure security controls such as firewalls, MFA, and NAC functioning as expectedPrepares reports of security performance metrics, events, incident findings, and other security related outputsWorks with Risk and Audit teams to ensure all relevant certification tasks and client inquiries are addressed in a timely mannerAssists with third party security due diligence for new vendorsProvides guidance and leadership to more junior security staffQualifications:
Bachelor's degree in security, computer science, information technology or related fieldCurrent security certifications preferred or willingness to obtain within 1 year3 years of work experience as a security analyst or information security engineerHands on experience in security software and systems including firewalls, intrusion detection systems, anti-virus/EDR software, identity monitoring solutions, authentication platforms, log management , web-content filtering platforms, and vulnerability management systemsSplunk, Crowdstrike, and Qualys software experience preferredAzure cloud security experience is a plusAbility to work in complex IT environments with minimal supervision and collaborate effectively with multiple teams in a dynamic environmentExperience in project task planning, implementation, and documentationStrong communication skills
Cozen O'Connor is an Equal Opportunity Employer, including disabled and veterans.
Cozen O'Connor actively welcomes applicants who have previously left the workforce and are looking to return to their careers. Gaps in experience are not penalized.
Cozen O'Connor is committed to employing a diverse complement of attorneys and staff, and to fostering greater inclusion in the legal profession. We understand the organizational effectiveness that comes from welcoming and valuing differences within the firm, and we know that assembling a team with a rich diversity of perspectives and experience is necessary to provide the highest quality legal service. We encourage candidates to apply and join us in this effort.
Primary Responsibilities:
Collaborate with the Firm's Information Technology leadership to develop and update strategy to support the Firm's security architecturePartners with various business groups in the Firm to ensure security best practices are followed in the design and implementation of new projectsAdministers vulnerability management platform, including configurations, vulnerability scanning, reporting, and endpoint agent updatesAdministers EDR platform, including event investigations, alert and report design, policy configurations, and endpoint agent updatesWorks with Cloud Engineer and Operations staff to ensure Microsoft cloud design and implementation follow security best-practicesConducts regular audits to ensure EDR and vulnerability scanning applications are installed and functioning as expectedMonitors SIEM and Microsoft Azure environment for evidence of current or previous security events, as well as, performs improvements to Splunk alerts, reports, and dashboardsLeads incident response in cases of confirmed security incidents, including minimization of business impact, communication of findings and mitigation, forensics collection, and hardening recommendationsMonitors outside threat intelligence sources for both general industry and the legal industry and makes recommendations to ensure the firm is well positioned against future threatsWorks with technical operations teams to ensure security controls such as firewalls, MFA, and NAC functioning as expectedPrepares reports of security performance metrics, events, incident findings, and other security related outputsWorks with Risk and Audit teams to ensure all relevant certification tasks and client inquiries are addressed in a timely mannerAssists with third party security due diligence for new vendorsProvides guidance and leadership to more junior security staffQualifications:
Bachelor's degree in security, computer science, information technology or related fieldCurrent security certifications preferred or willingness to obtain within 1 year3 years of work experience as a security analyst or information security engineerHands on experience in security software and systems including firewalls, intrusion detection systems, anti-virus/EDR software, identity monitoring solutions, authentication platforms, log management , web-content filtering platforms, and vulnerability management systemsSplunk, Crowdstrike, and Qualys software experience preferredAzure cloud security experience is a plusAbility to work in complex IT environments with minimal supervision and collaborate effectively with multiple teams in a dynamic environmentExperience in project task planning, implementation, and documentationStrong communication skills
Cozen O'Connor is an Equal Opportunity Employer, including disabled and veterans.
Cozen O'Connor actively welcomes applicants who have previously left the workforce and are looking to return to their careers. Gaps in experience are not penalized.
Cozen O'Connor is committed to employing a diverse complement of attorneys and staff, and to fostering greater inclusion in the legal profession. We understand the organizational effectiveness that comes from welcoming and valuing differences within the firm, and we know that assembling a team with a rich diversity of perspectives and experience is necessary to provide the highest quality legal service. We encourage candidates to apply and join us in this effort.