Lead Security Engineer

About The Position

Requirements

• Hands-on technical knowledge of routers, switches, firewalls and intrusion detection and prevention system
• Strong understanding of data encryption standards, solutions and best practices
• Detail-oriented, thorough and analytical, with capability to apply logic to solve problems
• Initiative to actively seek new knowledge and improve skills
• Able to effectively prioritize tasks in a high-pressure environment
• Strong understanding of Internet standards and protocols
• Strong understanding of data privacy practices and laws
• Understanding of micro-segmentation technology
• Bachelor’s Degree or Equivalent Experience
• At least eight years’ experience in a technical information security position, preferably within a large global, multisite environment.

Nice To Haves

• Scripting and debugging skills preferred

Responsibilities

• Network Security Engineering
• Serve as the primary engineer and technical authority for Palo Alto firewalls, Panorama, GlobalProtect, Cisco Umbrella and Azure‑based firewalls.
• Define security standards, policies, and patterns for firewall management, VPN connectivity, and cloud‑integrated network security.
• Lead major upgrades, migrations, and platform improvements across the security infrastructure stack.
• Evaluate emerging technologies and recommend strategic adoption paths.
• Provide cross team support and security recommendation for various platforms in the environment such as Gigamon, Security Onion, RunZero, Firemon and other Linux based platforms.
• Understanding of networking technology fundamentals of IPv4, Various TCP/UDP protocols and applications (DNS, DHCP, IPSec, VPN etc).
• Understanding of Identity and Access Management technologies such as Active Directory, Azure Entra, Privileged Access Management and MFA tooling.
• Cross-Functional Collaboration & Escalation
• Act as the highest‑level escalation point for complex security, networking, and systems issues.
• Collaborate closely with other Information Technology and Information Security teams to ensure aligned and secure designs.
• Lead security fault‑finding efforts using advanced diagnostic and penetration‑testing‑derived techniques.
• Assist with the coordination and facilitation of red‑team and penetration‑test engagements, ensuring technical readiness and remediation alignment.
• Experience supporting digital forensics, Security Operations Center, and incident analysis workflows.
• Monitor and respond to cybersecurity threats, including ransomware, phishing, and insider threats targeting legal data.
• Leadership & Soft Skills
• Ability to mentor an guide engineers, elevating team expertise across security domains.
• Strong communication skills to interface with leadership, vendors, and technical stakeholders.
• Demonstrated success managing complex projects involving multiple teams and vendors.
• Proven ability to translate technical risk into meaningful business impact.
• Assist with educating attorneys and staff on cybersecurity best practices, including secure communication, data handling, and remote work products.
• Detail-oriented, thorough and analytical, with capability to apply logic to solve problems.
• Initiative to actively seek new knowledge and improve skills.
• Identify
• Develop and maintain a comprehensive security architecture that maps to the firm’s legal operations, data flows, and risk profile.
• Assist with conducting regular risk assessments and threat modeling for legal systems, client data repositories, and third-party integrations.
• Assist with maintaining an inventory of critical assets, including case management systems, document repositories, and privileged communication channels.
• Collaborate with legal, compliance, and IT teams to define security requirements based on regulatory obligations (e.g., ABA, GDPR, HIPAA).
• Protect
• Design and maintain a secure enterprise architecture and layered security controls that protects client confidentiality, privileged communications, and sensitive legal data. This applies across endpoints, networks, cloud services, and mobile platforms.
• Develop and enforce security policies and procedures aligned with legal industry standards (e.g., ABA cybersecurity guidelines, ISO 27001, NIST ad CIS controls).
• Architect secure and strategic solutions for cloud-based legal platforms, remote access, and mobile device usage by attorneys and staff.
• Ensure compliance with data protection regulations such as GDPR, HIPAA (for healthcare-related cases), and client-specific contractual obligations.
• Work with project teams to plan and implement security best practices in architecture and design
• Collaborate with legal operations, IT, and compliance teams to integrate security into case management systems, eDiscovery platforms, and billing systems.
• Assist with vendor risk management, especially for third-party legal tech providers, cloud services, and external counsel platforms.
• Monitor and respond to cybersecurity threats, including ransomware, phishing, and insider threats targeting legal data.
• Assist with educating attorneys and staff on cybersecurity best practices, including secure communication, data handling, and remote work protocols.
• Detect
• Working with the SEC Ops Lead, deploy and manage monitoring tools to detect anomalous activity across legal systems, including unauthorized access to client files or privileged communications.
• Working with the SEC Ops Lead, integrate SIEM and threat intelligence platforms to identify potential threats targeting legal workflows or sensitive data.
• Working with the SEC Ops Lead, define and maintain detection rules and alerts specific to legal use cases (e.g., unusual access to case files, mass downloads).
• Respond
• Working with the SEC Ops Lead, assist with incident response and digital forensics efforts, ensuring chain-of-custody and evidence preservation when required.
• Working with the Director of IT Security & Risk and the Sr. Director of IT and Security, report on security posture and risk exposure to firm leadership, including General Counsel, CIO, and Managing Partners.
• Recover
• Assisting with the development and maintenance of recovery plans for critical legal systems, ensuring minimal disruption to client services and casework.
• Assist with lead post-incident reviews and implement architectural improvements based on lessons learned.

Benefits

• Seyfarth provides competitive salary and benefits at all levels, and our culture embraces the entrepreneurial spirit of its professionals like no other firm.
• We offer a comprehensive package of benefits including paid time off, medical/dental/vision insurance, and 401(k).