Information Security Engineer
Arnold & Porter has an opening for an Information Security Engineer in the Washington, DC or Tallahassee, FL office. The Information Security Engineer is a technical security expert responsible for supporting security operations, engineering, and architecture functions and efforts for Arnold & Porter. Under the direction of the Manager of Information Security, the Information Security Engineer helps to ensure the overall security posture of the firm, and is expected to be involved in day-to-day security operations and contribute to ensuring the integrity and availability of the firm’s IT and application infrastructure in support of enterprise IT objectives and client service delivery needs.
Responsibilities include but are not limited to:
- Performing security log and event analysis taking appropriate action as directed or required to address security risk issues or events / incidents.
- Monitoring and proactively executing the vulnerability management program to prevent or reduce IT hygiene risk issues from impacting production systems.
- Maintaining and managing security toolsets that help to mitigate or respond to security events and incidents.
- Supporting and leading security incident response and investigation efforts as directed.
- Assists with validating and tracking IT operational activities to ensure compliance with policy, standards, and other applicable requirements, or as directed by organizational needs.
- Researching and identifying security vulnerabilities and relevant industry / cybersecurity trends for follow-up and action.
- Regular reporting and tracking of IT security events and metrics along with remediation activities.
- Assists with supporting third-party risk management efforts as assigned.
- Assists with supporting firm security awareness training program as assigned.
- Planning and implementing security systems and standards by evaluating network and security technologies, developing security requirements for the enterprise infrastructure, and maintaining overall user access and data protection control in support of enterprise objectives and client service delivery.
- Reviewing enterprise architecture and application changes for security impacts and possible remediation to address security risk.
- Actively participating in the enterprise Change Control Board (CCB).
- Conducting research and providing recommendations on methods, software, and technologies to mitigate risk exposures.
- Assists with developing and contributing to security policies, standards and procedures to maintain an appropriate security posture and/or compliance with applicable requirements.
- Minimum of three (3) years of experience in Information Security.
- Four year college degree preferred; equivalent experience will be considered.
- Experience and understanding of Windows, Unix/Linux, and Active Directory.
- Solid understanding of core networking protocols, including TCP/IP, UDP, DNS, DHCP, HTTP/HTTPS, routing protocols.
- Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security.
- Ability to communicate complex technical information to a non-technical audience.
- Effective oral and written communication.
- Strong client service skills and personal initiative.
- Excellent organizational and problem-solving skills.
- Proficiency in handling a number of projects simultaneously.
- Ability to read, analyze, and interpret general business periodicals, professional journals, technical procedures, or governmental regulations.
- Ability to write reports, business correspondence, and procedure manuals.
- Ability to effectively present information and respond to questions from groups including colleagues, managers, attorneys and firm leadership.
Arnold & Porter Kaye Scholer LLP is an equal opportunity and affirmative action employer that does not discriminate on the basis of race, color, creed, religion, national origin, sex (which includes pregnancy, childbirth, breastfeeding and related medical conditions), age, marital or partnership status, familial status, sexual orientation, gender, gender identity, gender expression, transgender, physical or mental disability, medical condition, family leave status, citizenship status, immigration status, ancestry, genetic information, military or veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. All qualified applicants will receive consideration for employment without regard to any characteristic protected by local, state, or federal laws, rules, or regulations.
Arnold & Porter Kaye Scholer LLP endeavors to make www.arnoldporter.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact Director of Support Staff Stephanie Denmark at +1 202.942.6068. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.
For our EEO Policy Statement, please click here. If you would like more information about your EEO rights as an applicant under the law, please click EEO is the LAW and the Supplement poster..
Arnold & Porter is an EO Employer – M/F/Veteran/Disability/Sexual Orientation/Gender Identity.
Arnold & Porter Kaye Scholer LLP uses E-Verify, which is a web-based system, to confirm the eligibility of our employees to work in the United States. As an E-Verify employer, we verify the identity and employment eligibility of newly hired employees by electronically matching information provided by employees on the Form I-9, Employment Eligibility Verification, against records available to the Social Security Administration (SSA) and the Department of Homeland Security (DHS). We use E-Verify because we are a federal contractor containing the Federal Acquisition Regulation (FAR) E-Verify clause. Please see the posters for details regarding E-Verify or contact Arnold & Porter’s Human Resources Department for more information. E-Verify Participation Poster and Right-to-work Poster.