Mayer Brown

Lead Engineer: Information Security

Mayer Brown$135K — $180K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in a related field or relevant experience
  • CISSP certification preferred
  • Cloud security certifications/training preferred
  • Knowledge of AI/GenAI security concepts preferred
  • 5+ years in Information Security with hands-on experience
  • Experience implementing security controls in cloud environments
  • Familiarity with DLP operations and vulnerability management

Responsibilities

  • Implement and maintain security technologies supporting the Firm's architecture
  • Provide technical leadership for IT and security projects
  • Ensure consistent configuration of security controls across systems
  • Collaborate on security best practices with IT teams
  • Implement identity and access control systems for integrations
  • Detect and respond to security incidents effectively
  • Support security controls for AI/GenAI solutions

Benefits

  • Comprehensive medical, dental, and vision insurance
  • 401(k) savings plan
  • Back-up childcare and eldercare
  • Generous paid time off (PTO)
  • Opportunities for professional development and growth
Full Job Description
Overview

If you thrive in a collaborative environment that values exceptional client service, initiative, professionalism, responsiveness, and adaptability, we invite you to consider joining our Information Technology department in our Chicago, Los Angeles, or Salt Lake City office as a Lead Engineer: Information Security.

The Lead Engineer: Information Security implements, integrates, and maintains security technologies and controls across the Firm's cloud, data, identity, and enterprise platforms. This role provides hands-on technical leadership for strategic projects and initiatives on the security roadmap, executing designs and standards defined by security architects and ensuring solutions are delivered securely, reliably, and at scale.

The role partners closely with security architects, engineers, and other IT teams to apply and support best practices for security engineering, cloud and platform hardening, identity and access, incident response, data loss prevention, and user experience - supporting the Assistant Director: Global Information Security in delivering a scalable, resilient security program.

Responsibilities

Essential Functions:

Security Engineering & Implementation
  • Implement, integrate, and maintain security technologies and controls that support the Firm's security architecture and roadmap
  • Provide hands-on technical leadership for strategic IT and security projects and initiatives
  • Operationalize security architectures, standards, and reference patterns defined by security architects
  • Ensure consistent implementation and configuration of security controls across systems and platforms
  • Collaborate with other engineers and IT teams to apply best practices for security, server hardening, change management, account management, and user experience

Cloud, Platform & Systems Security
  • Implement and maintain security controls across cloud and enterprise platforms, including Azure, Microsoft 365, Teams/O365, and iManage Cloud
  • Configure and tune security tooling to align with defined design patterns and business requirements
  • Ensure monitoring, alerting, and detection capabilities are implemented in accordance with business needs
  • Collaborate with IT teams to ensure security standards are applied when implementing or upgrading firm technology
  • Contribute to Business Continuity and Disaster Recovery planning and execution from a security engineering perspective

Identity, Access & Data Protection
  • Implement and maintain identity, authentication, and authorization controls for internal and business-to-business integrations
  • Configure and support privileged access, conditional access, and least-privilege controls in coordination with Infrastructure and Access Management team
  • Control access to the Firm's information systems and related security configurations
  • Implement, tune, and operate Data Loss Prevention (DLP) systems and processes
  • Analyze data collected from DLP systems to ensure compliance with Firm policies and support policy tuning
  • Assist in defining DLP policies and workflows to protect firm and client data, and develop metrics for measuring effectiveness of the DLP solution
  • Implement controls to prevent or minimize unauthorized or undesirable use of IT facilities and firm data

Incident Response & Security Monitoring
  • Detect, triage, and respond to information security incidents within the Mayer Brown environment
  • Define and execute incident response workflows, including DLP positive-hit handling
  • Maintain and support incident response planning, assisting in execution of the incident response plan as needed
  • Identify root causes of security incidents and recommend remediations to mitigate future risk
  • Perform investigations as requested by Human Resources, Information Technology, or General Counsel, executing searches and producing output as required by the Firm

AI / GenAI Security Implementation
  • Implement and operate security controls for AI and Generative AI solutions in alignment with firm architecture and policies
  • Configure data protection, access, and acceptable-use controls within AI-enabled environments
  • Support security reviews and control implementation during evaluation and onboarding of AI/GenAI tools
  • Assist in securing AI-driven systems and leveraging AI tools to enhance security operations
  • Escalate operational risks and gaps associated with AI usage to security leadership and architecture teams

Policy, Risk & Compliance Support
  • Assist in the preparation, approval, implementation, and adherence of the Information Security Policies within the Firm
  • Support the development and authorization of new IT policies, ensuring the necessary security audits and tests are carried out prior to being introduced into production
  • Assist in preparing and completing risk assessments for vendors, projects, and systems
  • Support independent reviews of the security program and ensure identified gaps are addressed
  • Ensure security risks are managed and communicated clearly and effectively

Client, Audit & Cross-Functional Support
  • Support client security assessments, audits, and regulatory inquiries by providing technical evidence and implementation details
  • Participate in efforts to develop security controls and evidence to meet client or other compliance requirements
  • Partner with Legal Risk, Compliance, and IT teams to ensure security controls are implemented in alignment with client obligations and regulatory expectations
  • Coordinate with vendors on the operational delivery and support of security tooling

Technical Collaboration & Knowledge Sharing
  • Collaborate with security architects and peer engineers to deliver cohesive, secure solutions
  • Contribute to the development of reusable engineering patterns, playbooks, and technical standards
  • Provide technical guidance and knowledge sharing to team members and IT partners
  • Participate in design reviews to ensure implementations align with firm architecture principles

Communication & Awareness
  • Ensure information is openly communicated and shared with other members of the Global Security Team
  • Educate Mayer Brown's employees on the benefits of security to the organization, themselves, and their working environment
  • Keep the Security Awareness site on GlobalNet updated with current material
  • Develop and maintain documentation related to Global Security Team operations, functions, and engineering procedures

Operational Support & General Responsibilities
  • Ensure adherence to change control processes and communicate impacts to partners and staff
  • Monitor methods of physical data security, such as the storage of backup media, and propose/implement any changes where necessary
  • Manage projects and tasks related to the Firm as directed by the Assistant Director: Global Information Security
  • Keep abreast of emerging security threats, technologies, and industry practices
  • Perform other duties as assigned or required to meet Firm goals and objectives


Qualifications, Experience and Personal Attributes

Education/Training/Certifications:
  • Bachelor's degree in a related field. An equivalent combination of education and/or experience may be considered in lieu of the degree when the experience has been directly related to the functions of the job
  • CISSP certification preferred
  • Cloud security certifications/training preferred
  • Knowledge of AI/GenAI security concepts preferred

Professional Experience:
  • 5+ years of experience in an Information Security department, with hands-on engineering and implementation responsibilities
  • Demonstrated experience implementing security controls in cloud-first environments (e.g., Azure, Microsoft 365, SaaS platforms)
  • Experience supporting incident response, DLP operations, and vulnerability management activities

Technical Skills:
  • Excellent working knowledge of security engineering concepts aligned with CISSP domains required
  • Excellent working knowledge of networking and security standards required
  • Good knowledge of ISO 27001/27002 and NIST frameworks preferred
  • Strong technical knowledge of cloud environments such as Azure, Microsoft 365, and O365
  • Experience with identity and access management concepts (e.g., least privilege, privileged access, conditional access, SAML/OIDC)
  • Familiarity with DLP incident handling, remediation, and reporting; experience with data protection tooling (e.g., Microsoft Purview) preferred
  • Familiarity with enterprise security tooling such as Microsoft Defender for Endpoint, Thales, CrowdStrike Falcon, CrowdStrike NG-SIEM, CyberArk, Rapid7, and Palo Alto is a plus
  • Good documentation skills and authentication methods experience required
  • Good knowledge of Disaster Recovery preferred
  • Experience in securing AI-driven systems and leveraging AI tools
  • Proficiency in Microsoft Office products

Performance Traits:
  • Strong written and verbal communication skills, able to communicate and negotiate effectively and in a professional manner with all levels of the Firm and outside vendors
  • Ability to work in a diverse global team environment and effectively support the demanding needs of the Firm
  • Ability to work under pressure, meet deadlines with shifting priorities
  • Must be a self-starter with a high level of initiative
  • Strong customer service skills, able to anticipate needs and exercise independent judgment
  • Strong attention to detail, organizational skills, and the ability to handle multiple projects
  • Maintains confidentiality and exercises discretion
  • Exercises solid strategic thinking and problem-solving skills
  • Ability to weigh business needs against security concerns and articulate issues to customers and management
  • Willingness to challenge the status quo

Physical Requirements:
  • Willing to travel 20% domestically / internationally
  • May require occasional lifting of up to 20 lbs.


This description is not exhaustive, and the Firm may modify it at any time at its sole discretion; nothing herein creates an employment contract or alters the at-will nature of employment.

We offer competitive compensation and comprehensive benefits, including medical/dental/vision/life/and AD&D insurance, 401(k) savings plan, back-up childcare and eldercare, generous paid time off (PTO), as well as opportunities for professional development and growth.

#LI-HYBRID #LI-PT1

Posted Pay Range

The typical pay scale for this position is between USD $135,000.00/Yr. and USD $180,000.00/Yr., although the actual wage or salary could be lower or higher if the candidate's education, experience, skills and internal pay alignment are different from those specified.

About Mayer Brown

Mayer Brown is a global law firm. It has offices in 26 cities across the Americas, Asia, Europe, and the Middle East, with its largest offices being in Chicago, Washington, D.C., New York City, Hong Kong, and London. Mayer Brown has more than 1,800 lawyers and by revenue is the 19th largest law firm in the world.
Learn more about Mayer Brown
Industry
Founded
1863

Similar Jobs

More Jobs at Mayer Brown

More Information Technology Jobs

Find similar Lead Engineer: Information Security jobs: