Senior Cloud Security Engineer

Our AM Law 100 client is currently seeking a Senior Security Engineer to join the Architecture team in our Information Security department. The Senior Security Engineer is responsible for engineering and implementing solutions to enhance the Firm's security infrastructure, collaborating with the Information Security team, internal IT, and business units. This role focuses on securing cloud-based environments through initiatives such as Cloud Security Posture Management (CSPM), DevSecOps practices (e.g., automated security testing in CI/CD pipelines), Identity and Access Management (IAM/IDM) administration, and participation in Information Security Architecture reviews. Key responsibilities include implementing and maintaining robust security controls for technology infrastructure and cloud platforms, while ensuring secure integration of emerging technologies, including AI systems.

The role also serves as an escalation resource for the Information Security Operations team, providing advanced expertise and support. As part of a small team, you will provide security guidance for the technology environment, aiming to mature the security control framework, develop tailored solutions for cloud workloads, and enhance overall security posture. You will act as a security advocate, advising key stakeholders on technology risk management and balancing security with business needs through effective mitigation strategies, ensuring safe adoption of cloud and related technologies.

Responsibilities

• Work in active partnership with key stakeholders to perform security architecture risk reviews.
• Develop and implement advanced-level Cloud Security solutions.
• Support and advance the overall Information Security technology roadmap.
• Provide recommendations for advancing the Information Security program, security policies, and security control standards to enhance operational practices.
• Create and maintain Information Security standards applicable to all technologies in the portfolio.
• Provide requirement, guidance, and vision to the vendor community to cultivate the appropriate combination of technology and feature capabilities to meet current and future security requirements.
• Execute on infrastructure threat and vulnerability management processes.
• Ensure security systems are upgraded by monitoring security environment, identifying security gaps and evaluating and implementing enhancements.
• Define, develop and maintain metrics and measurements for information security controls and processes.
• Respond to security-related issues, problems, crises, and critical situations to support resolution and minimize downtime.
• Act as a senior-level point of contact for incident investigations and minor security events (e.g., unauthorized access, non-compliance with Firm policies, fraud, service disruptions, etc.) to determine malfunctions, breaches, and remediation steps.
• Responsible for Information Security technology selection process to include requirements consolidation into RFI/RFP/RFQ, testing, POC, selection and deployment.
• Support audits against internal and industry process, quality, and security standards; drive initiatives and remediation efforts to correct non-conformance.
• Provide Information Security consulting on security related issues.
• Collaborate with peers to identify and implement improvement initiatives across the Firm, processes and toolsets.
• Manage multiple, parallel projects using formal project planning techniques.
• Ability to work evening and weekend hours as needed or directed. Some travel may be required.

Qualifications

• High School Diploma or equivalent required; Associate's Degree or Bachelor's Degree preferably in Engineering, Information Technology, Computer Science, or similar strongly preferred
• Minimum of five (5) years in a professional technical Information Technology role required
• Minimum of three (3) years of hands-on experience in Information Security with Cloud Security exposure required
• Specialized Cloud Security certification(s), CISSP, Microsoft Azure AZ-104 & AZ-500, CCSP, CCSK, or CPT/CEH desired
• SailPoint Identity and Access Management (IAM/IDM) vendor-specific certification(s) desired