Cyber Security Architecture Manager

The Cyber Security Architecture Manager is responsible for planning and designing the roadmap to enable digital security, physical security, and risk teams to execute their missions efficiently. The Cyber Security Architecture Manager works with operations teams and process owners to ensure that all security-related tools, such as endpoint visibility and continuous monitoring technologies, interoperate coherently and are fit for purpose. The Cyber Security Architecture Manager collaborates with Information Technology to ensure that the computing environment for lawyers and staff is engineered to produce secure outcomes by default, while imposing the smallest possible tax on productivity. This role is highly technical and is not operations-oriented.

Duties and Responsibilities

• Builds the roadmap for critical security technologies that support the missions of the Cybersecurity Operations, Physical Security & Safety and Risk Operations teams, including those used for:
  • building secure computing enclaves to protect highly sensitive data.
  • protecting desktops, servers, and infrastructure from attack with appropriate defensive technologies.
  • providing visibility into the security state of servers, desktops, mobile devices, applications, databases, and infrastructure.
  • detecting security events by collecting and analyzing security logs and related telemetry from servers, desktops, mobile devices, applications, databases, and infrastructure.
  • responding to security, privacy, and workplace incidents efficiently.
  • recovering from attack with minimal disruption to operations.
• Recommends vendors of critical technology, in consultation with security and technology process owners, including the Cybersecurity Operations, Physical Security & Safety, Risk Operations, Information Technology, and Practice Services and Support teams.
• Documents the design and inter-operations of the critical security technologies described above to ensure that they are rational, compensating or de- conflicted as appropriate to the situation, cost- effective, coherent, and interoperable.
• Serves as the senior subject matter expert during implementation of critical technologies by firm technology asset or process owners, cloud vendors, contractors, or managed services providers, as appropriate.
• Provides input to Accountability Plan containing methods, procedures, and planned reviews for continuing accreditation and authorization against associated controls.
• Maintains the Firm’s technical standards for event logging, collection, analysis, and alerting.
• Defines and maintains and the Cybersecurity Five-Year Plan for future-proofing the Firm against unknown threats.
• Defines, hires, and retains the talent necessary to ensure that all of the responsibilities described above are suitably staffed.
• Perform other duties as assigned.

Qualifications

• Bachelor’s degree preferred; advanced degree and CISSP certification preferred.
• Requires 7+ years’ experience in cybersecurity, with 5+ years’ experience designing or implementing security solutions, running security architecture programs, SIEM rationalization initiatives, endpoint agent collapse programs, or other cyber transformation projects, including all related documentation and artifacts.
• Expert working knowledge of IAM, SIEM, NDR, E/XDR tools, Windows desktop and server security tools and topics, Azure security, Windows Event logging, syslog, and related telematics topics.
• Exceptional interpersonal skills; success in the role requires the ability to influence and persuade.
• Excellent written and oral communications skills.
• Position requires access to equipment, software, or technology that is subject to U.S. export controls. To be granted access pursuant to US Export Control laws, candidate must be either (a) a United States citizen or national; (b) a person lawfully admitted for permanent residence of the United States (i.e., “Green Card” holder); or (c) an INSapproved refugee or asylum holder who has applied for naturalization within six months of the date the individual first became eligible; and if not yet naturalized, is still actively pursuing naturalization if 2 years have passed since the date of application to be granted access pursuant to US Export Control laws. Candidates will be required to submit appropriate documentation to determine whether access can be granted before proceeding further through the application process.