IT Security Engineer

ZwillGen is a boutique law firm that represents some of the biggest names in technology on a range of Internetrelated legal issues including cybersecurity privacy government surveillance alternative data and fantasy sports. We offer a hardworking joyful and casual work environment.

ZwillGen PLLC is looking for an IT Security Engineer who is ready to hit the ground running hungry for a challenge and wants to work in a predominantly Mac OS environment! We are seeking a highly skilled and detailoriented Security Engineer to join our law firms IT department. The Security Engineer will be responsible for implementing and maintaining robust security measures to protect our firms sensitive data including client and firm information legal documents and communications. The ideal candidate will have a deep understanding of cybersecurity principles experience with security infrastructure and the ability to anticipate and mitigate potential security threats. This role will also provide support to ZwillGens subsidiaries.

Key Responsibilities

Conduct regular security assessments vulnerability testing and risk analysis to identify potential threats to the firms IT systems. Recommend and implement appropriate risk mitigation strategies.

Primary contact for third party audits of the Firms security practices in connection with potential certifications (ISO Certification)

Develop and maintain firm incident response plans and corporate security policies and procedures. Lead investigations of security incidents and respond promptly to security incidents minimizing the impact on the firms operations. Conduct regular IRP testing.

Ensure compliance with relevant legal and regulatory requirements (e.g. CCPA GDPR HIPAA). Develop update and enforce security policies and procedures tailored to the law firm environment.

Work with external teams (SOC EDR vendors) to continuously monitor network traffic security logs and alerts for suspicious activity. Generate and present regular reports on the security status to senior management.

Manage and deliver security awareness training for staff promoting best practices and reducing the risk of human error.

Administer and maintain user end point security measures and provide expertise in all security related applications and software.

Review complete and submit third party security questionnaires from clients and review outside counsel guidelines

Work closely with legal teams IT staff and external vendors to ensure that security measures are integrated into all aspects of the firms operations including new projects and technologies.

Manage the regular updates and patching of security agents to systems and software to protect against vulnerabilities.

• Assist in the design implementation and management of the firms security solutions including firewalls intrusion detection/prevention systems (IDS/IPS) antivirus software encryption protocols and secure access controls
• Collaborate with the IT team and other administrative personnel in review of new or existing systems and software to ensure security requirements are satisfied (including risk assessment).
• Manage the firms vendor management program including the evaluation and audit of security practices of thirdparty vendors.
• Other duties may be assigned.

Qualifications

Bachelors degree in Computer Science Information Security or a related field. Equivalent experience may be considered.

Minimum of 3 years of similar level role in cybersecurity with a focus on security engineering. Experience in the legal or financial sector is a plus.

Industry certifications such as CISSP CISM or equivalent are highly desirable.

Technical Skills

Proficiency in security technologies including firewalls VPNs SIEMs IDS/IPS and endpoint protection.

Strong understanding of encryption technologies secure coding practices and network security protocols.

Familiarity with compliance requirements such as CCPA GDPR HIPAA and other relevant regulations.

Familiarity with security certifications (e.g ISO SOC)

Strong problemsolving and analytical skills with the ability to identify and mitigate risks effectively.

Excellent written and verbal communication skills with the ability to convey complex security concepts to nontechnical staff.

High level of attention to detail and the ability to manage multiple tasks in a fastpaced environment.

• Experience with cloud platforms such as Microsoft Azure MFA and Identity components within Entra (Enterprise Applications/App Registrations etc..

Why Join Us

Opportunity to work in a dynamic and respected law firm with a commitment to data security and client confidentiality.

Collaborate with a dedicated team of professionals in a supportive and inclusive work environment.

Competitive salary and benefits package including opportunities for professional development.

Compensation

ZwillGen is committed to providing transparency in compensation in accordance with applicable wage transparency laws The salary range for this position is $130000 $150000 annually. Actual compensation will be determined based on factors such as the candidates qualifications skills and experience.

Additionally ZwillGen offers a comprehensive benefits package including medical dental and vision insurance 401(k) retirement plan paid time off and shortterm and longterm disability which are available to employees in this role.