IT Security Engineer - National Law Firm
100% remote position, but must be within commuting distance of Kansas City office. OVERVIEW Security Engineers are responsible for the secure operations of infrastructure, platforms, and software, including the installation, maintenance, and improvement of hybrid (on-premise and cloud) computing environments. They also help develop new designs and security strategies across all applications, including infrastructure, platform, and SaaS. RESPONSIBILITIES
- Configure business operating environments securely
- Perform penetration testing and threat hunting to identify potential risks
- Monitor for and respond to incidents in the Firm's hybrid environment
- Keep infrastructure current, make recommendations, and continually improve security technologies
- Analyze, design, and develop programs, shell scripts, tests, and infrastructure automation capabilities
- Work with analysts and engineers across the organization to continually improve cyber resilience
- Provide support to understand and develop system requirements and technical solutions for cybersecurity engineering based on system architectures (CIS Controls, MITRE ATT&CK Framework, and NIST Cyber Security Framework).
- Support the maturation of the enterprise architecture to align with the Firm’s information security and risks to the organizational operations, organizational assets, and individuals
- Develop alternatives of system designs and/or architecture, which consider trade-offs between security requirements, functional/operational requirements, and cost
- Identify and define the requirements of the overall security of the network
- Plan, engineer, and monitor overall security implementation of network systems
- Support in configuring and implementing network security tools
- Test and provide solutions for system weaknesses, threats, security issues
- Research and identify latest suitable technologies and processes that will improve the overall security of the system
- Regularly audit the existing network configuration and provide improvement recommendations
- Other duties as assigned
REQUIRED QUALIFICATIONS
- Microsoft Active Directory with Azure experience
- 2-4 years of experience in on-premises environment focused on security
- 2-4 years of experience in security engineering
- Ability to perform detection engineering to interrogate computer logs to identify anomalous behavior
- Develop workflows within a SIEM to automate detections and actions taken
- Demonstrative knowledge/experience with (2) scripting languages like Python and PowerShell
- Demonstrative knowledge and expertise with common enterprise-grade security solutions
- Excellent verbal and written communication
- 2-4 years of experience with Metrics, Events, Logging, in an environment similar to Splunk
- Bachelor’s degree in Computer Science, Computer Engineering, Information Systems or equivalent experience.
Employees approved for flexible work arrangements are expected to be available and maintain a practice of reliable, consistent attendance at all times during the employees scheduled work shift including, but not limited to, Teams/instant message, Zoom, email and voicemail, and by phone. The Firm is nationwide, but operates in the Central Time Zone. The budgeted salary range for this position is $100,000 - $120,000. As part of full-time employment associated with this position, the Firm offers the following benefits: Paid time off, sick time off, a referral program, medical insurance and benefits, dental insurance, vision insurance, life insurance, AD&D insurance, ID Theft insurance, long-term disability benefits, short-term disability benefits, Parking/Transit reimbursement (varies depending on location), 401(k) benefits, and employee assistance benefits. The Firm is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, or any other characteristic protected by law. Apply tot his job Apply To this Job