Senior Security Engineer

Wilson Sonsini is the premier legal advisor to technology, life sciences, and other growth enterprises worldwide. We represent companies at every stage of development, from entrepreneurial start-ups to multibillion-dollar global corporations, as well as the venture firms, private equity firms, and investment banks that finance and advise them. The firm has approximately 1,100 attorneys in 17 offices: 13 in the U.S., two in China, and two in Europe. Our broad spectrum of practices and entrepreneurial spirit allow our staff exceptional opportunities for professional achievement and career growth.

The firm is actively seeking a Senior Security Engineer to join the IT team. This position under the direction of the Director of Security Engineering and Operations, is responsible for managing the Firm’s information security systems and processes, assuring enforcement of security policies, managing the information security threat lifecycle, analyzing and responding to security events escalated by the Security Operations Center (SOC) and coordinating actions to limit risks identified through our automated systems. The Senior Security Engineer is accountable for providing expertise and support in the areas of security engineering, incident response and risk management.

This position is available as a hybrid work schedule.

Responsibilities:

• Provide subject matter expertise in information security as it relates to networks and systems
• Manage the Firm’s security technology including but not limited to: anti-virus, vulnerability scanning, intrusion detection, content filtering, and insider threat systems
• Review security events from all monitoring environments not integrated with the firm SIEM, and those events escalated by the SOC, on a daily basis, and follow defined incident response processes in their analysis and reporting
• Coordinate with appropriate parties to ensure the timely deployment of operating system and application security patches, deployment of security applications and currency of security application patch levels
• Monitor appropriate venues for threats to the security of the Wilson Sonsini Goodrich & Rosati environment
• Provide notification to all impacted parties related to the actions needed to mitigate threats and manage the threat lifecycle in totality
• Manage and lead evaluations of the firm’s environment by external 3rd parties
• Produce recommendations that integrate any findings with the business needs of the firm
• Maintain knowledge of the information security needs of firm clients and implement measures to satisfy those requirements in the most efficient manner
• Keep abreast of emerging security technologies and discipline developments
• Make appropriate recommendations that meet the firms needs
• Design and build operational environments that scale to meet the needs of our security products and assure appropriate reliability
• Support general troubleshooting related to information security tasks and provide support to end users as needed
• Provide other teams with security consulting services, including responding to requests for additional information and assisting with specific projects
• Perform related duties as assigned by supervisor
• Maintain compliance with all company policies and procedures

Qualifications:

• Bachelor’s degree required
• 5+ years of experience in Information Security
• One or more of the following certifications required: GIAC, CISSP, CISM, CEH, CIPP
• Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls
• Experience with wireless security, network monitoring, network design, windows desktop/server security, database security, routing protocols and incident management
• Knowledge and experience with varying information security processes and tools
• Ability to identify security technology risks
• Extensive knowledge of TCP/IP networking
• Extensive understanding of the cyber kill-chain
• Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments
• Experience working in a law firm or professional services firm environment desired
• Excellent verbal and written communication skills, including ability to effectively communicate with internal and external customers and communicate clearly and effectively with people from both technical and non-technical backgrounds
• Excellent computer proficiency (MS Office – Word, Excel and Outlook)
• Must be able to work under pressure and meet deadlines, while maintaining a positive attitude and providing exemplary customer service
• Ability to work independently and to carry out assignments to completion within parameters of instructions given, prescribed routines, and standard accepted practices
• to completion within parameters of instructions given, prescribed routines, and standard accepted practices

The primary location for this job posting is in Washington, D.C., but other locations may be listed. The actual base pay offered will depend upon a variety of factors, including but not limited to the selected candidate’s qualifications, years of relevant experience, level of education, professional certifications and licenses, and work location. The anticipated pay range for this position is as follows:San Francisco and Silicon Valley: $131,750 - $178,250 per yearAustin, Boston, Boulder, District of Columbia, Los Angeles, New York, San Diego, Seattle, and Wilmington: $119,000 - $161,000 per yearSalt Lake City and all other locations: $105,400 - $142,600 per year

The compensation for this position may include a discretionary year-end merit bonus based on performance. We offer a highly competitive salary and benefits package.

Benefits information can be found here. Equal Opportunity Employer (EOE).