The Security Engineer will work in conjunction with a team of IT operations professionals to ensure the Firm's data, computer systems and infrastructure are secure through analysis, testing and investigation. The Security Engineer will oversee and participate in the design, implementation, maintenance and perform necessary improvements of all security systems which safeguard the firm's computers, network and systems.

Responsibilities:

• Partners with operations and application support teams in the design and review of projects with respect to adherence to security policies, standards, and best practices
• Works with technical operations teams to ensure security controls such as firewalls, MFA, DNS security, and NAC applications are logging and functioning as expected
• Monitors and administers our Crowdstrike EDR platform, including event investigation, report writing, configuration of policies, and updates of endpoint agent software
• Works with Cloud Engineer and Operations staff to ensure Microsoft cloud design and implementation follow security best-practices
• Conduct regular audits to ensure security controls such as Crowdstrike and our Qualys vulnerability software are functioning as expected
• Tests for vulnerabilities by conducting regular scans of networks using our Qualys vulnerability scanning platform and works with third party vendors during annual security assessments and testing
• Monitors network and system logs for security breaches or intrusions; manages and improves the SIEM platform by writing and tuning rules, reports, and dashboards for Security Operations team members
• Leads incident response to investigate breaches and minimize impact; leads technical forensic investigation into how the breach happened, articulate extent of the exposure, and how to prevent it from happening in the future
• Prepares reports of security performance metrics, events, incident findings, and other security related outputs and presents to management
• Works with Risk and Audit manager to ensure all relevant certification tasks and client inquiries are addressed in a timely manner
• Follows current news and information related to security trends/threats outside the firm and presents recommendations based on relevant findings

Qualifications:

• Prior work experience as a system security analyst or information security engineer
• Hands on experience in security software and systems including firewalls, intrusion detection systems, anti-virus/EDR software, authentication systems, log management (Splunk experience preferred), web-content filtering platforms, and vulnerability management systems
• Azure cloud security experience is a plus
• Ability to work in complex IT environments both independently and also cross-team
• Experience with planning, implementation and documentation of tasks/projects in the assigned areas
• Strong communication skills
• College degree preferred

Cozen O'Connor is an Equal Opportunity Employer, including disabled and veterans.

Cozen O'Connor actively welcomes applicants who have previously left the workforce and are looking to return to their careers. Gaps in experience are not penalized.

Cozen O'Connor is committed to employing a diverse complement of attorneys and staff, and to fostering greater inclusion in the legal profession. We understand the organizational effectiveness that comes from welcoming and valuing differences within the firm, and we know that assembling a team with a rich diversity of perspectives and experience is necessary to provide the highest quality legal service. We encourage candidates to apply and join us in this effort.