Information Security Engineer
Arnold & Porter has an opening for an Information Security Engineer in the Washington, DC or Tallahassee, FL office. The Information Security Engineer is a technical security expert responsible for supporting security operations, engineering, and architecture functions and efforts for Arnold & Porter. Under the direction of the Manager of Information Security, the Information Security Engineer helps to ensure the overall security posture of the firm, and is expected to be involved in day-to-day security operations and contribute to ensuring the integrity and availability of the firm’s IT and application infrastructure in support of enterprise IT objectives and client service delivery needs.
Responsibilities include but are not limited to:
- Performing security log and event analysis taking appropriate action as directed or required to address security risk issues or events / incidents.
- Monitoring and proactively executing the vulnerability management program to prevent or reduce IT hygiene risk issues from impacting production systems.
- Maintaining and managing security toolsets that help to mitigate or respond to security events and incidents.
- Supporting and leading security incident response and investigation efforts as directed.
- Assists with validating and tracking IT operational activities to ensure compliance with policy, standards, and other applicable requirements, or as directed by organizational needs.
- Researching and identifying security vulnerabilities and relevant industry / cybersecurity trends for follow-up and action.
- Regular reporting and tracking of IT security events and metrics along with remediation activities.
- Assists with supporting third-party risk management efforts as assigned.
- Assists with supporting firm security awareness training program as assigned.
- Planning and implementing security systems and standards by evaluating network and security technologies, developing security requirements for the enterprise infrastructure, and maintaining overall user access and data protection control in support of enterprise objectives and client service delivery.
- Reviewing enterprise architecture and application changes for security impacts and possible remediation to address security risk.
- Actively participating in the enterprise Change Control Board (CCB).
- Conducting research and providing recommendations on methods, software, and technologies to mitigate risk exposures.
- Assists with developing and contributing to security policies, standards and procedures to maintain an appropriate security posture and/or compliance with applicable requirements.
- Minimum of three (3) years of experience in Information Security.
- Four year college degree preferred; equivalent experience will be considered.
- Experience and understanding of Windows, Unix/Linux, and Active Directory.
- Solid understanding of core networking protocols, including TCP/IP, UDP, DNS, DHCP, HTTP/HTTPS, routing protocols.
- Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security.
- Ability to communicate complex technical information to a non-technical audience.
- Effective oral and written communication.
- Strong client service skills and personal initiative.
- Excellent organizational and problem-solving skills.
- Proficiency in handling a number of projects simultaneously.
- Ability to read, analyze, and interpret general business periodicals, professional journals, technical procedures, or governmental regulations.
- Ability to write reports, business correspondence, and procedure manuals.
- Ability to effectively present information and respond to questions from groups including colleagues, managers, attorneys and firm leadership.
Arnold & Porter Kaye Scholer LLP is an equal opportunity and affirmative action employer that does not discriminate on the basis of race, color, creed, religion, national origin, sex (which includes pregnancy, childbirth, breastfeeding and related medical conditions), age, marital or partnership status, familial status, sexual orientation, gender, gender identity, gender expression, transgender, physical or mental disability, medical condition, family leave status, citizenship status, immigration status, ancestry, genetic information, military or veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. All qualified applicants will receive consideration for employment without regard to any characteristic protected by local, state, or federal laws, rules, or regulations.
Arnold & Porter Kaye Scholer LLP endeavors to make www.arnoldporter.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact Director of Support Staff Stephanie Denmark at +1 202.942.6068. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.
For our EEO Policy Statement, please click here. If you would like more information about your EEO rights as an applicant under the law, please click EEO is the LAW and the Supplement poster..
Arnold & Porter is an EO Employer – M/F/Veteran/Disability/Sexual Orientation/Gender Identity.
Arnold & Porter Kaye Scholer LLP uses E-Verify, which is a web-based system, to confirm the eligibility of our employees to work in the United States. As an E-Verify employer, we verify the identity and employment eligibility of newly hired employees by electronically matching information provided by employees on the Form I-9, Employment Eligibility Verification, against records available to the Social Security Administration (SSA) and the Department of Homeland Security (DHS). We use E-Verify because we are a federal contractor containing the Federal Acquisition Regulation (FAR) E-Verify clause. Please see the posters for details regarding E-Verify or contact Arnold & Porter’s Human Resources Department for more information. E-Verify Participation Poster and Right-to-work Poster.
Perks/benefits: Medical leave
Explore more Cyber Security career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cybersecurity in general, filtered by job title or popular skill, toolset and products used.
- Open Security Operations Analyst jobs
- Open Senior Security Operations Engineer jobs
- Open Senior DevSecOps Engineer jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Head of Information Security jobs
- Open Application Security Engineer/Architect jobs
- Open Senior Security Analyst jobs
- Open SOC Analyst jobs
- Open Offensive Security Engineer jobs
- Open Lead Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Information System Security Officer (ISSO) jobs
- Open Sr. Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Staff Application Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Information Security Officer jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Cloud Security Operations Lead jobs
- Open Security Researcher jobs
- Open Security Engineer II jobs
- Open Senior Information Security Analyst jobs
- Open Cloud Security Automation Specialist jobs
- Open Account Executive, Cyber Security jobs
- Open Security Consultant jobs
- Open GCP-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open Analytics-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Audits-related jobs
- Open Clearance-related jobs
- Open PCI-related jobs
- Open Agile-related jobs
- Open Threat intelligence-related jobs
- Open OWASP-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open CISM-related jobs
- Open Ruby-related jobs
- Open Governance-related jobs
- Open CISA-related jobs
- Open DevSecOps-related jobs
- Open Open Source-related jobs
- Open ISO 27001-related jobs
- Open Security assessments-related jobs
- Open Encryption-related jobs
- Open GDPR-related jobs