OverviewFoley is currently seeking a Senior Security Engineer to join the Architecture team in our Information Security department. TheSenior Security Engineerisresponsible for engineering and implementing solutions to enhance the Firm27s security infrastructure. A core part of the role involves close collaboration with the broader Information Security team, internal IT, and business units to secure both new and existing solutions across the technology environment. The role focuses on existing and emerging technologies, with a particular emphasis on cloud, AI and agentic AI security. A key responsibility will be helping to establish code review and security scanning processes for internally developed applications, including future use of static/dynamic analysis solutions to assess AI tools and software built by internal teams. Additional responsibilities include implementing and maintaining robust security controls for technology infrastructure and cloud platforms, while ensuring the secure integration, protection, and governance across a broad range of systems and solutions.
The role also serves as an escalation resource for the Information Security Operations team, providing advanced expertise and support. As part of a small team, this role provides security guidance across the technology environment, helping to mature the security control framework, develop tailored solutions, and strengthen overall security posture. This person will act as a security advocate, advising key stakeholders on technology risk management and balancing security with business needs through effective mitigation strategies, ensuring the safe adoption of cloud, AI, and related technologies.
Responsibilities
- Work in active partnership with key stakeholders to perform security architecture risk reviews.
- Develop and implement advanced-level Cloud and AI Security solutions.
- Support and advance the overall Information Security technology roadmap.
- Provide recommendations for advancing the Information Security program, security policies, and security control standards to enhance operational practices.
- Create and maintain Information Security standards applicable to all technologies in the portfolio.
- Provide requirements, guidance, and vision to the vendor community to cultivate the appropriate combination of technology and feature capabilities to meet current and future security requirements.
- Execute on infrastructure threat and vulnerability management processes.
- Ensure security systems are upgraded by monitoring security environment, identifying security gaps and evaluating and implementing enhancements.
- Define, develop and maintain metrics and measurements for information security controls and processes.
- Respond to security-related issues, problems, crises, and critical situations to support resolution and minimize downtime.
- Acts as a senior-level point of contact for incident investigations and minor security events (e.g., unauthorized access, non-compliance with Firm policies, fraud, service disruptions, etc.) to determine malfunctions, breaches, and remediation steps.
- Responsible for Information Security technology selection process to include requirements consolidation into RFI/RFP/RFQ, testing, POC, selection and deployment.
- Support audits against internal and industry process, quality, and security standards; drive initiatives and remediation efforts to correct non-conformance.
- Provide Information Security consulting on security related issues.
- Collaborate with peers to identify and implement improvement initiatives across the Firm, processes and toolsets.
- Manage multiple, parallel projects using formal project planning techniques.
- Ability to work evening and weekend hours as needed or directed. Some travel may be required.
Qualifications
- High School Diploma or equivalent required; Associate's Degree or Bachelor's Degree preferably in Engineering, Information Technology, Computer Science, or similar strongly preferred.
- Minimum of five (5) years in a professional technical Information Technology role required.
- Minimum of three (3) years of hands-on experience in Information Security with Cloud Security or AI/Agentic AI exposure required.
- One or more of the following: CISSP, Microsoft Azure AZ-104 & AZ-500, CCSP, CCSK, CPT/CEH strongly preferred.
- Certification(s) specializing in Cloud Security. or AI/Agentic AI Security strongly preferred.
In support of transparency and equity in the workplace, Foley provides salary ranges for all positions. The figures below represent the full compensation range of this position. The actual offered amount will be between the range minimum and midpoint based on the following factors: education, experience, geographic market, and internal pay equity at Foley.Milwaukee - $104,400 to $156,600Chicago, Dallas - $114,800 to $172,300