Senior Security Engineer

at  Paul Hastings

Paul Hastings is a leading international law firm that provides innovative legal solutions to many of the world’s top financial institutions and Fortune Global 500 companies. With a strong presence throughout Asia, Europe, Latin America, and the U.S., we have the global reach and extensive capabilities to provide personalized service wherever our clients’ needs take us. As one of the world’s leading law firms, we seek dynamic individuals who share our commitment to service, innovation, and professional growth.
We have an opening for a Senior Security Engineer (Endpoint/Mobile) in our Information Security Department.

In this capacity, the Senior Security Engineer (Endpoint/Mobile) will:

• Provide guidance on how endpoints and mobile devices are managed and hardened against security threats and vulnerabilities;
• Identify and implement ways to harden systems and reduce the attack surface;
• Secures enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and; procedures
• Engineer, implement, and monitor security measures for the protection of computer systems, network, and information;
• Integrate security tasks and activities into system development methodologies (e.g. planning, design, implementation, operations, maintenance, and disposal);
• Identify and verify security requirements are met throughout the process;
• Work closely cross functionally with IT and business teams in driving information security technology strategy;
• Apply security architecture principles through the system development Lifecycle (SDLC).

In addition, the Senior Security Engineer (Endpoint/Mobile) will be expected to have experience with the following areas of responsibility:

• Consult on solution architecture for projects to ensure compliance with the security technical architecture;
• Prepare and document secure system development standard operating procedures and protocols;
• Drive and conduct system architectural reviews, secure design reviews, risk assessments and threat assessments;
• Perform vendor technical solution acceptance verification and validation;
• Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks;
• Assess gaps in existing policy and propose amendments to existing policy or new policy to address these gaps;
• Participate in the development and implementation of enterprise-level technical standards and procedural directives and other guidance materials;
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement;
• Participates in the development, implementation and review of security controls for the systems under their purview;
• Coordinates with system owners to resolve security issues through system lifecycle;
• Provides guidance and support to self-testing, security control assessment, preparation of remediation plans, and development of continuous monitoring plans.

Qualifications:

• 12 years of experience in information technology or security engineering;
• BS degree in Computer Science or related field;
• Related certifications (preferred);
• Thorough understanding of the latest security principles, techniques, and protocols;
• Hands on experience in security systems, including vulnerability management, identity and access management, security risk assessments, application testing, etc.
• Knowledge related to endpoint and mobile security, including endpoint configuration management tools, application virtualization, MDM, Microsoft Windows; Operating Systems, Active Directory, and Windows Group Policies;
• Strong, track record of implementing security architecture for complex solutions and ability to deliver results through partnering with stakeholders in IT and the;
• Working knowledge of IT processes (i.e., ITIL) including incident, problem, defect, change and release management;
• Experience with secure architecture principals, secure SDLC, security system integration and configurations, and troubleshooting.

Employees will be provided with an excellent career opportunity in a collaborative environment, in addition to a generous total compensation package with the opportunity to earn bonuses based on individual contribution and firm profitability.

Eligible employees can participate in the Firm’s comprehensive benefits program, which include the following:

• Medical, Dental, Vision, Life/AD&D, Long Term Care, and Short and Long Term Disability
• Flexible Spending Account and Health Savings Account
• Healthcare Concierge and Advocacy
• Voluntary 401k Plan and Profit Sharing
• 10 Paid Holidays per year and a generous PTO program
• Family Support including Pediatric Mental Health and Parental Support, Paid Parental Leave, Fertility Benefits, and Breast Milk Shipping
• Back-up Child Care, Elder Care, and Tutoring
• Wellness Programs (Employee Assistance Program, Mental Health, and Well-Being Events)
• Retirement Plan Consulting
• Anniversary Bonus Program
• Professional Development Programs
• Transportation Allowance and Commuter Benefits
• International Travel Insurance
• Auto/Home/Legal Insurance
• Pet Insurance
• Employee discounts
• And more!

The Firm has a range of diversity initiatives including our Paul Hastings Affinity Networks (PHANs), Women’s Initiative, and PH Balanced. These initiatives provide a firmwide forum to share experiences, as well as an opportunity to participate in a supportive network with common interests to help make life at the firm more inclusive. Learn more about our Global Diversity, Inclusion and Wellness Initiatives here.
Paul Hastings LLP is an equal employment and affirmative action employer F/M/Disability/Vet/Sexual Orientation/Gender Identit

Please refer the Job description for details