Cloud/Active Directory Specialist - for top tier global law firm in Washington, DC.
This position is a hybrid involving some in office work. This position is responsible for ensuring the Firm designs and implements appropriate security controls for critical infrastructure. The Specialist conducts a focused risk and control program that sets expectations for securing core platform services including Active Directory, Azure, and Active Directory Federation Services. This role is highly technical and involves hands-on, collaborative work with stakeholders and IT.
Duties: Manages a security oversight program focused on protecting critical platform services, including related charters, roadmaps, plans, and milestones for risk assessments and control implementations. Works with process and asset owners to ensure program goals are being achieved. This role will work with the Physical Security Operations, Risk Operations, Information Technology Services, Information Resource Services, and Practice Services and Support teams. Regularly reports on program progress to the CISO and other senior stakeholders, using defined Key Performance Indicators and Key Risk Indicators to highlight control adoption gaps, identify areas of strong or weak performance, or quantify risks, respectively.
Position Requirements: Bachelor's degree preferred; advanced degree and CISSP certification ideal. Minimum 15+ years' experience in cybersecurity required, with 5+ years experience executing security advisory or oversight programs. Expert knowledge of Microsoft Active Directory, Azure Active Directory, Microsoft 365, and/or Office 365. Experience with Azure and Active Directory security assessment, attackpath planning and/or password auditing tools. Exceptional interpersonal skills: success in the role requires ability to influence and persuade. Salary is commensurate with experience.