Legal Staff Information Technology in Seattle, WA

Law Firm

Seattle, WA

Legal Staff Information Technology in Seattle, WA

Legal Staff

8-8 yrs required

No

Job Title: Senior IT Security Engineer, Governance Risk & Compliance, Data Protection and Privacy Support

Job Responsibilities:

The Senior IT Security Engineer is a pivotal role within the IT Security team at the law firm, responsible for ensuring the firm meets its security objectives and regulatory requirements while maintaining robust data protection and privacy standards. The primary responsibilities include:

Governance, Risk & Compliance Leadership:
- Lead the creation and maintenance of enterprise security documents such as policies, standards, baselines, guidelines, and procedures under the guidance of the IT Security Manager.
- Oversee the planning, design, testing, and maintenance of the firm's Incident Response Plan in alignment with Governance, Risk, and Compliance (GRC) objectives.
- Drive the planning, implementation, and maintenance of the firm's ISO 27001 Certification program.
- Lead client audits and third-party supplier security assessments to ensure thorough evaluation and compliance with security standards.
- Guide the strategic planning and design of the firm's enterprise security architecture, focusing on GRC requirements.

Data Protection and Privacy Support:
- Develop and implement strategies for data protection and privacy, ensuring compliance with regulations such as GDPR and CCPA.
- Collaborate with legal, compliance, and privacy teams to align privacy policies and practices with regulatory requirements.
- Monitor and assess data protection measures, recommending improvements to enhance privacy and security.
- Provide training and support to staff on data protection and privacy best practices.

Expertise in Cybersecurity and Artificial Intelligence:
- Maintain advanced knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the emergence of new attacks and threat vectors.
- Recommend and implement additional security solutions or enhancements to existing security solutions to improve overall enterprise security, leveraging Artificial Intelligence where applicable.
- Oversee the deployment, integration, and initial configuration of new security solutions and enhancements to existing solutions, ensuring adherence to GRC standards.

Operational Management:
- Ensure up-to-date baselines for the secure configuration and operations of all in-place devices, ensuring compliance with GRC policies.
- Monitor in-place security solutions for efficient and appropriate operations, with a focus on risk management.
- Review logs and reports of in-place devices, interpreting implications for GRC compliance and devising plans for appropriate resolution.
- Lead investigations into problematic activity and design and execute vulnerability assessments, penetration tests, and security audits.
- Provide on-call support for end-users and other IT staff for security-related issues, ensuring GRC adherence.

Education and Experience Information:

- Over 5 years of experience in configuring and maintaining network security tools.
- Minimum of 8 years of experience in information security governance, including policy and procedure development, security assessments, and incident response.
- Proven expertise in Cybersecurity, Data Protection & Integrity, Privacy, and Artificial Intelligence.
- Extensive experience in leading client audits and third-party supplier security assessments.
- Experience in the legal, financial, or business services industries is preferred.
- Strong understanding of Access Control Management and familiarity with encryption tools and concepts.

Education & Certifications:
- Bachelor's degree in computer science, cybersecurity, or a related field; advanced degree preferred, or equivalent work experience.
- Relevant certifications such as CISSP, CISM, CompTIA Security+, CompTIA Network+, Microsoft Certifications, ITIL Foundations.

Salary Information:

The expected salary ranges for this position are as follows:
- California Major Markets: $128, - $180,
- New York City: $143, - $180,
- National: $116, - $148,

California Major Markets include San Francisco, Silicon Valley, Los Angeles, Orange County, Santa Monica. All other California locations fall within the National range.

The law firm is committed to providing a comprehensive, competitive, and thoughtful total compensation package to attorneys and staff, wherever they work. The compensation and benefits information is based on the law firm's estimate as of the date of publication and may be modified in the future. The level of pay within the range will depend on a variety of job-related factors that may include qualifications, relevant experience or education, particular skills or expertise, and geography. Other compensation may include an annual discretionary merit bonus, determined by firm and individual performance.

Benefits include a full range of elective health benefits such as medical, dental, vision, and life; robust mental well-being programs; child, family, elder, and pet care benefits; short- and long-term disability and industry-leading parental leave benefits, health savings account contributions, flexible spending accounts, and a 401K program. This role will receive compensated time off through the Flexible Time Off program and paid holidays.

The law firm is an Equal Opportunity Employer. Consistent with the SF Fair Chance Ordinance, an arrest and conviction record will not automatically disqualify a qualified applicant from consideration. Qualified applicants with criminal histories will be considered for the position in a manner consistent with the requirements of the Los Angeles Fair Chance Initiative for Hiring.

Jun 12, 2025
Jun 04, 2025
Apply for this Legal Staff Information Technology in Seattle, WA job

Upload Resume:

Apply Later
Email   |   Print

The #1 legal job board in the United States year after year!

Tell us where to send your access instructions:

paywall sign up popp