Information Security Engineer
Washington, DC
Applications have closed
Arnold & Porter
Arnold & Porter has an opening for an Information Security Engineer in the Washington, DC or Tallahassee, FL office. The Information Security Engineer is a technical security expert responsible for supporting security operations, engineering, and architecture functions and efforts for Arnold & Porter. Under the direction of the Manager of Information Security, the Information Security Engineer helps to ensure the overall security posture of the firm, and is expected to be involved in day-to-day security operations and contribute to ensuring the integrity and availability of the firm’s IT and application infrastructure in support of enterprise IT objectives and client service delivery needs.
Responsibilities include but are not limited to:
- Performing security log and event analysis taking appropriate action as directed or required to address security risk issues or events / incidents.
- Monitoring and proactively executing the vulnerability management program to prevent or reduce IT hygiene risk issues from impacting production systems.
- Maintaining and managing security toolsets that help to mitigate or respond to security events and incidents.
- Supporting and leading security incident response and investigation efforts as directed.
- Assists with validating and tracking IT operational activities to ensure compliance with policy, standards, and other applicable requirements, or as directed by organizational needs.
- Researching and identifying security vulnerabilities and relevant industry / cybersecurity trends for follow-up and action.
- Regular reporting and tracking of IT security events and metrics along with remediation activities.
- Assists with supporting third-party risk management efforts as assigned.
- Assists with supporting firm security awareness training program as assigned.
- Planning and implementing security systems and standards by evaluating network and security technologies, developing security requirements for the enterprise infrastructure, and maintaining overall user access and data protection control in support of enterprise objectives and client service delivery.
- Reviewing enterprise architecture and application changes for security impacts and possible remediation to address security risk.
- Actively participating in the enterprise Change Control Board (CCB).
- Conducting research and providing recommendations on methods, software, and technologies to mitigate risk exposures.
- Assists with developing and contributing to security policies, standards and procedures to maintain an appropriate security posture and/or compliance with applicable requirements.
QUALIFICATIONS:
- Minimum of three (3) years of experience in Information Security.
- Four year college degree preferred; equivalent experience will be considered.
- Experience and understanding of Windows, Unix/Linux, and Active Directory.
- Solid understanding of core networking protocols, including TCP/IP, UDP, DNS, DHCP, HTTP/HTTPS, routing protocols.
- Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security.
- Ability to communicate complex technical information to a non-technical audience.
- Effective oral and written communication.
- Strong client service skills and personal initiative.
- Excellent organizational and problem-solving skills.
- Proficiency in handling a number of projects simultaneously.
- Ability to read, analyze, and interpret general business periodicals, professional journals, technical procedures, or governmental regulations.
- Ability to write reports, business correspondence, and procedure manuals.
- Ability to effectively present information and respond to questions from groups including colleagues, managers, attorneys and firm leadership.
Arnold & Porter Kaye Scholer LLP is an equal opportunity and affirmative action employer that does not discriminate on the basis of race, color, creed, religion, national origin, sex (which includes pregnancy, childbirth, breastfeeding and related medical conditions), age, marital or partnership status, familial status, sexual orientation, gender, gender identity, gender expression, transgender, physical or mental disability, medical condition, family leave status, citizenship status, immigration status, ancestry, genetic information, military or veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. All qualified applicants will receive consideration for employment without regard to any characteristic protected by local, state, or federal laws, rules, or regulations.
Arnold & Porter Kaye Scholer LLP endeavors to make www.arnoldporter.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact Director of Support Staff Stephanie Denmark at +1 202.942.6068. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.
For our EEO Policy Statement, please click here. If you would like more information about your EEO rights as an applicant under the law, please click EEO is the LAW and the Supplement poster..
Arnold & Porter is an EO Employer – M/F/Veteran/Disability/Sexual Orientation/Gender Identity.
Arnold & Porter Kaye Scholer LLP uses E-Verify, which is a web-based system, to confirm the eligibility of our employees to work in the United States. As an E-Verify employer, we verify the identity and employment eligibility of newly hired employees by electronically matching information provided by employees on the Form I-9, Employment Eligibility Verification, against records available to the Social Security Administration (SSA) and the Department of Homeland Security (DHS). We use E-Verify because we are a federal contractor containing the Federal Acquisition Regulation (FAR) E-Verify clause. Please see the posters for details regarding E-Verify or contact Arnold & Porter’s Human Resources Department for more information. E-Verify Participation Poster and Right-to-work Poster.
Tags: Active Directory Application security Compliance Cryptography DNS Incident response Linux Monitoring Network security Risk management TCP/IP UNIX Vulnerabilities Vulnerability management Windows
Perks/benefits: Medical leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Cybersecurity Specialist jobs
- Open Chief Information Security Officer jobs
- Open Senior Security Architect jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Security Specialist jobs
- Open Ingénieur DevSecops H/F jobs
- Open Senior Cyber Security Specialist jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open CI/CD-related jobs
- Open IPS-related jobs