IT Security Engineer
Polsinelli · Boston, MA
- Hybrid
- Full-time
- $120,000 / year
- Boston, MA
Job highlights
- Securely operate hybrid infrastructure and platforms.
- Conduct penetration testing and threat hunting.
- Respond to security incidents in real-time.
- Develop security strategies and automation capabilities.
- Collaborate on cyber resilience initiatives.
About the role
IT Security Engineer
At Polsinelli, What a Law Firm Should Be is not just our tagline, it is what we live every day. We strive to create an environment where our team members are encouraged to bring their creativity and professional passions into the workplace so that they can thrive. Are you a people person who has a keen eye for detail, thrives in a professional environment and wants to be part of a dynamic team? We have the perfect role for an engaging professional like you! Polsinelli is hiring a Security Engineer for any of our offices, with the option to work remotely. However, our preference is for this role to be based in Kansas City.
Role Overview
Security Engineers are responsible for the secure operations of infrastructure, platforms, and software, including the installation, maintenance, and improvement of hybrid (on-premise and cloud) computing environments. They also help develop new designs and security strategies across all applications, including infrastructure, platform, and SaaS.
Responsibilities
- Configure business operating environments securely
- Perform penetration testing and threat hunting to identify potential risks
- Monitor for and respond to incidents in the Firm's hybrid environment
- Keep infrastructure current, make recommendations, and continually improve security technologies
- Analyze, design, and develop programs, shell scripts, tests, and infrastructure automation capabilities
- Work with analysts and engineers across the organization to continually improve cyber resilience
- Provide support to understand and develop system requirements and technical solutions for cybersecurity engineering based on system architectures (CIS Controls, MITRE ATT&CK Framework, and NIST Cyber Security Framework).
- Support the maturation of the enterprise architecture to align with the Firm’s information security and risks to the organizational operations, organizational assets, and individuals
- Develop alternatives of system designs and/or architecture, which consider trade-offs between security requirements, functional/operational requirements, and cost
- Identify and define the requirements of the overall security of the network
- Plan, engineer, and monitor overall security implementation of network systems
- Support in configuring and implementing network security tools
- Test and provide solutions for system weaknesses, threats, security issues
- Research and identify latest suitable technologies and processes that will improve the overall security of the system
- Regularly audit the existing network configuration and provide improvement recommendations
- Other duties as assigned
Employees approved for flexible work arrangements are expected to be available and maintain a practice of reliable, consistent attendance at all times during the employees scheduled work shift including, but not limited to, Teams/instant message, Zoom, email and voicemail, and by phone. The Firm is nationwide, but operates in the Central Time Zone.
Required Qualifications
- Microsoft Active Directory with Azure experience
- 2-4 years of experience in on-premises environment focused on security
- 2-4 years of experience in security engineering
- Ability to perform detection engineering to interrogate computer logs to identify anomalous behavior
- Develop workflows within a SIEM to automate detections and actions taken
- Demonstrative knowledge/experience with (2) scripting languages like Python and PowerShell
- Demonstrative knowledge and expertise with common enterprise-grade security solutions
- Excellent verbal and written communication
- 2-4 years of experience with Metrics, Events, Logging, in an environment similar to Splunk
- Bachelor’s degree in Computer Science, Computer Engineering, Information Systems or equivalent experience.
The budgeted salary range for this position is $100,000 - $120,000.
As part of full-time employment associated with this position, Polsinelli PC offers the following benefits: Paid time off, sick time off, a referral program, medical insurance and benefits, dental insurance, vision insurance, life insurance, AD&D insurance, ID Theft insurance, long-term disability benefits, short-term disability benefits, Parking/Transit reimbursement (varies depending on location), 401(k) benefits, and employee assistance benefits.
Polsinelli PC is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, or any other characteristic protected by law.
Key skills/competency
- IT Security Engineer
- Cybersecurity
- Network Security
- Penetration Testing
- Threat Hunting
- SIEM
- Python
- PowerShell
- Splunk
- Active Directory
Skills & topics
- IT Security Engineer
- Cybersecurity
- Network Security
- Penetration Testing
- Threat Hunting
- SIEM
- Python
- PowerShell
- Splunk
- Active Directory
- Azure
- Cloud Security
- Information Security
- Security Architecture
- Incident Response
- Detection Engineering
- Risk Management
How to get hired
- Tailor your resume: Highlight your experience with Active Directory, Azure, SIEM, Python, and PowerShell. Quantify your security engineering achievements.
- Showcase your skills: Emphasize your experience with on-premises security, detection engineering, and enterprise security solutions in your application.
- Prepare for technical questions: Be ready to discuss your understanding of CIS Controls, MITRE ATT&CK, and NIST frameworks.
- Demonstrate problem-solving: Practice explaining how you've identified and resolved system weaknesses and security threats.
- Research Polsinelli: Understand their commitment to 'What a Law Firm Should Be' and their dynamic team environment.
Technical preparation
Behavioral questions
Frequently asked questions
- What are the preferred office locations for the IT Security Engineer role at Polsinelli?
- While Polsinelli hires for this IT Security Engineer position in any of their offices with remote options available, they have a preference for candidates to be based in Kansas City.
- What specific security frameworks are important for the IT Security Engineer role at Polsinelli?
- For the IT Security Engineer role at Polsinelli, understanding and applying frameworks such as CIS Controls, MITRE ATT&CK, and the NIST Cyber Security Framework is crucial for developing system requirements and technical solutions.
- Does Polsinelli offer remote work for the IT Security Engineer position?
- Yes, Polsinelli offers the option to work remotely for the IT Security Engineer position, although they do prefer candidates to be based in Kansas City.
- What scripting languages are required for the IT Security Engineer role at Polsinelli?
- The IT Security Engineer role at Polsinelli requires demonstrable knowledge and experience with at least two scripting languages, specifically mentioning Python and PowerShell as examples.
- What is the salary range for the IT Security Engineer position at Polsinelli?
- The budgeted salary range for the IT Security Engineer position at Polsinelli is between $100,000 and $120,000 annually.
- What experience is needed with logging and monitoring tools for the IT Security Engineer at Polsinelli?
- The IT Security Engineer position at Polsinelli requires 2-4 years of experience with Metrics, Events, and Logging, particularly in an environment similar to Splunk.
- What is the educational requirement for the IT Security Engineer job at Polsinelli?
- A Bachelor's degree in Computer Science, Computer Engineering, Information Systems, or equivalent experience is required for the IT Security Engineer position at Polsinelli.