Job Application

Global Senior Security Engineer - CISSP, CEH, DLP, Information Security, Cyber Security

Our global law firm client are currently looking to take on a new Global Senior Security Engineer (CISSP, CEH, DLP, Information Security, Cyber Security) to join their well established global team in London. This role will be responsible for various aspects of the global IT security landscape split across Europe, America and Asia.

They are a well established and respected law firm within the industry and over 1000's of users and over 25 offices globally. This role will ensure that all security risks are managed and communuicated clearly and effectively as well as implementing security architecture of the firm related to their transition to cloud (Azure/365/iManage Cloud)

To be considered for this Global Senior Security Engineer (CISSP, CEH, DLP, Information Security, Cyber Security) role, it's ideal that you have:

• 5 + years within IT Security (ideally with 1-2 years at a senior capacity)
• Ideal but not required law firm experience
• Relevant accreditations such as CISSP/CEH etc.

Responsibilities:

• Ensures that the client has a secure architecture for authorization and authentication internally, as well as business to business
• Ensures that all security risks are managed and communicated clearly and effectively
• Implement security architecture of the firm related to transition to cloud (eg, Azure, Teams/O365 and iManage Cloud)
• Develops and maintains all documentation related to Global Security Team operations and functions
• Ensures that information is openly communicated and shared with other members of the team
• Ensures that objectives are achieved by working closely with all members of the Firm departments as necessary and in collaboration with the Global Director of Information Security and Global Security team
• Ensures that change controls are adhered to and communicated to the partners and staff
• Keeps abreast of all specific security issues
• Analysis of data collected from established Data Loss Prevention system(s) and methods to ensure compliance with Firm policies
• Manages DLP systems and processes as required
• Assists in defining DLP policies to protect firm and client assets
• Defines incident response workflow for DLP positive hits
• Develops metrics for measuring effectiveness of the DLP solution
• Assists in the preparation, approval, implementation and adherence of the Information Security Policies within the Firm
• Manages projects and tasks related to the Firm as directed by the Global Information Security Manager
• Detects and responds to all incidents of an information security nature within the environment
• Maintains and coordinates incident response planning, assisting in execution of the incident response plan as needed
• Identifies and communicates to management the cause of all information security incidents, making recommendations as to how the specific incidents can be mitigated in the future
• Controls access to the Firm's Information Systems and related security configuration
• Participates fully in all efforts to develop security policies to meet client or other compliance requirements
• Ensures monitoring and alert notifications are implemented in accordance with the business needs
• Assists in the development and authorization process of all new IT policies introduced, ensuring that the necessary security audits and tests are carried out prior to being introduced into production
• Manages the review of the security program by an approved independent party and ensure any gaps are addressed
• Monitors methods of physical data security, such as the storage of backup media, and propose/implement any changes where necessary
• Ensures whenever possible that undesirable use of IT facilities is prevented/minimized at all times
• Educates employees in the benefits of security to the organization, themselves and their working environment
• Collaborates with other staff in IT to ensure that security standards are developed and enforced in implementing or upgrading firm technology
• Keep Security Awareness site on Global Net updated with current material
• Perform investigations as requested by Human Resources, Information Technology or General Counsel executing searches and producing output as required by the Firm
• Plan for Business Continuity and Disaster Recovery
• Performs other duties as assigned or required to meet Firm goals and objectives
• Willing to travel 20% domestically/internationally