The Chicago office of Locke Lord LLP has an immediate opening for a Security Engineer. The Security Engineer will be responsible for security architecture, design and engineering that meet all security and privacy requirements and compliance initiatives.
Duties & Responsibilities:
Has direct responsibility for performing Subject Matter Expert (SME) duties for enterprise network security architecture and design engineering deliverables across a hybrid mix of enterprise and business class systems.
Deliver high availability (99.9%) of security systems across the enterprise with an emphasis on minimizing downtime associated with intrusions and other malicious activity.
Responsible for assisting in the development of a network infrastructure security roadmap and overall security strategy for the Firm.
Assist in the design and delivery of disaster recovery and incident response plans that meet compliance related recovery objectives.
Responsible for the administration, maintenance and monitoring security systems including but not limited to firewalls, email and web security systems.
Monitoring and analyzing network traffic patterns, log and event correlation, wire sniffing, and activity monitoring as needed.
Perform other tasks and duties as assigned.
After hours support as needed.
Education & Experience:
Bachelor’s degree in a technical discipline is required.
Minimum 3-5 years of experience in networking and security is required
CCNP-Security or CISSP certification required
Both CCNP-Security and CISSP certifications required within 12 months of start date
CISM or CISA is preferred but not required.
Experience and technical knowledge in security engineering, security troubleshooting, system and network security, authentication and security protocols, cryptography, and application security
Experience with the installation, configuration, monitoring, and response of network security equipment including Cisco FMC, FTD, IPS/IDS, routers, switches.
Experience in network security features including ACLs, VPN, L2VPN, L3VPN, IPSEC, GRE, 802.1x within a Cisco platform
Experience with Cisco products used in security including Web Security (Umbrella), Email Security Appliance (ESA), Identity Services Engine (ISE), Advanced Malware Protection (AMP), Wireless LAN Controller (WLC)
Experience with Okta Single Sign-On (SAML) and Multi-Factor Authentication
Experience with encryption standards such as AES, SSL, TLS
Experience with SIEM systems
Experience with network and web related protocols (e.g. TCP, UDP, ICMP, IPSEC, HTTP, HTTPS)
Experience with enterprise switching/routing and protocols including OSPF, BGP, EIRGP, HSRP and MPLS/VPLS
Experience with Windows and Linux servers
Design and operational experience in an enterprise class environment.
Experience in application and design of security for multiple hardware and software platforms layers including intranets and extranets.
Experience with incident management and threat remediation including threat analysis, isolation, identification, eradication.
Creative problem definition and solving abilities.
Excellent written and verbal communications skills.
Strong interpersonal skills, including the ability to work as a team member and interact with colleagues and firm personnel professionally.
Ability to handle multiple complex, long term projects simultaneously.
Disaster Recovery planning, administration, and maintenance experience is preferred but not required.
Understanding of ISO 27001/27701, HIPPA, PII and PCI security principles is a plus