Cybersecurity Engineer
Denver, CO | Direct-Hire | $145000.00 - $170000.00 | Hybrid

Job Description

Location: Denver, CO

Industry: Legal

Schedule: Hybrid (2 days onsite)

Type: Full-Time, Direct Hire

Salary: $145k - $170k + discretionary bonus

We are seeking a proactive Cybersecurity Engineer to play a vital role in protecting the firm's information assets and ensuring compliance with industry regulations. This position safeguards the confidentiality, integrity, and availability of sensitive data across the organization. The ideal candidate will have a strong technical background, excellent problem-solving skills, and a deep understanding of cybersecurity best practices, preferably within a legal or highly regulated environment.

Essential Duties and Responsibilities:

Security Infrastructure Design and Implementation:

  • Design, implement, and maintain security infrastructure including cloud security, firewalls, IDS/IPS, Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Privileged Access Management (PAM), vulnerability management, and email security platforms
  • Evaluate and recommend new security technologies and tools to enhance the firm's security posture

Security Monitoring:

  • Monitor security events and alerts to detect suspicious activity and security breaches
  • Perform log analysis and correlation to identify anomalies or indicators of compromise
  • Investigate and respond to notable security events, escalating to senior staff as needed
  • Perform root cause analysis of notable events and cybersecurity incidents, implement corrective actions, and provide recommendations to prevent future occurrences

Security Orchestration, Automation, and Response (SOAR):

  • Design, implement, and maintain SOAR playbooks to automate repetitive security operations tasks and incident response procedures
  • Integrate SOAR platforms with various security tools (SIEM, EDR, threat intelligence feeds, ticketing systems, etc.) using RESTful APIs and custom connectors
  • Develop and maintain scripts (Python, PowerShell, Bash, etc.) to support automation of security processes and data enrichment

Vulnerability Management:

  • Conduct vulnerability assessments and penetration testing to identify weaknesses in the firm's systems and network
  • Manage security infrastructure patch management processes to ensure timely resolution of security vulnerabilities

Risk Management and Compliance:

  • Assist in the development and maintenance of security policies, procedures, and standards
  • Support the firm's compliance with outside counsel guidelines, industry regulations, and legal requirements (e.g., ISO 27001, GDPR, CCPA/CPRA)
  • Support audits, client security assessments, and third-party risk management processes
  • Work closely with IT, Human Resources, Facilities, Legal, and other teams to ensure alignment with security practices
  • Participate in disaster recovery and business continuity planning and testing

Security Awareness and Training:

  • Conduct security awareness and training for employees to mitigate risks related to phishing, social engineering, and other cyber threats
  • Develop and distribute educational materials to raise awareness of security best practices

Documentation and Reporting:

  • Document cybersecurity incidents, investigation results, and remediation actions taken
  • Prepare periodic reports and status updates on projects, tasks, key performance indicators, incidents, and risks for senior management and stakeholders

Required and Preferred Qualifications:

  • Bachelor's degree in Information Technology, Cybersecurity, Computer Science, a related field, or equivalent experience
  • At least 3 years of experience in an information security role, preferably within a law firm or other regulated industry
  • Industry-recognized certifications such as CISSP, CISM, CEH, GIAC, or Microsoft Security preferred
  • Strong knowledge of network security, endpoint protection, identity and access management, and cloud security
  • Deep understanding of TCP/IP, DNS, VPNs, and encryption protocols
  • Proficiency with security tools such as Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Privileged Access Management (PAM), vulnerability management, and email security platforms
  • Proficiency in scripting languages (e.g., Python, PowerShell) and experience with API integration and JSON/XML data handling
  • Experience with Microsoft Defender for Cloud, Azure security tools, and hybrid cloud environments
  • Experience with security standards and risk management frameworks (e.g., ISO 27001, CIS Controls, NIST, MITRE ATT&CK)
  • Experience with log analysis, threat hunting, and forensic investigations
  • Familiarity with Zero Trust architecture and secure software development practices
  • Familiarity with Microsoft Purview
  • Familiarity with data privacy and regulatory requirements (e.g., GDPR, CCPA/CPRA, HIPAA, PCI-DSS)
  • Knowledge of eDiscovery platforms, legal practice management systems, and document management systems

Compensation and Benefits: We offer a benefits package that includes medical, dental, vision, 401k + match, profit sharing, and vacation/sick/personal time off.

Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa, including student Visas with an OPT/CPT designation, at this time.

All qualified applicants will receive consideration for employment without regard to race, color, national origin, age, ancestry, religion, sex, sexual orientation, gender identity, gender expression, marital status, disability, medical condition, genetic information, pregnancy, or military or veteran status. We consider all qualified applicants, including those with criminal histories, in a manner consistent with state and local laws, including the California Fair Chance Act, City of Los Angeles' Fair Chance Initiative for Hiring Ordinance, and Los Angeles County Fair Chance Ordinance. For unincorporated Los Angeles County, to the extent our customers require a background check for certain positions, the Company faces a significant risk to its business operations and business reputation unless a review of criminal history is conducted for those specific job positions.

Job Reference: JN -062025-399945