Cyber Security Architecture Manager Washington DC
Job ID: 16945
Summary: The Cyber Security Architecture Manager is responsible for planning and designing the roadmap to enable digital security, physical security, and risk teams to execute their missions efficiently. The Cyber Security Architecture Manager works with operations teams and process owners to ensure that all security-related tools, such as endpoint visibility and continuous monitoring technologies, interoperate coherently and are fit for purpose. The Cyber Security Architecture Manager collaborates with Information Technology to ensure that the computing environment for lawyers and staff is engineered to produce secure outcomes by default, while imposing the smallest possible tax on productivity. This role is highly technical and is not operations-oriented.
Duties and Responsibilities:
•Builds the roadmap for critical security technologies that support the missions of the Cybersecurity Operations, Physical Security & Safety and Risk Operations teams, including those used for:
• building secure computing enclaves to protect highly sensitive data.
• protecting desktops, servers, and infrastructure from attack with appropriate defensive technologies.
• providing visibility into the security state of servers, desktops, mobile devices, applications, databases, and infrastructure.
• detecting security events by collecting and analyzing security logs and related telemetry from servers, desktops, mobile devices, applications, databases, and infrastructure.
• responding to security, privacy, and workplace incidents efficiently.
• recovering from attack with minimal disruption to operations.
•Recommends vendors of critical technology, in consultation with security and technology process owners, including the Cybersecurity Operations, Physical Security & Safety, Risk Operations, Information Technology, and Practice Services and Support teams.
•Documents the design and inter-operations of the critical security technologies described above to ensure that they are rational, compensating or de conflicted as appropriate to the situation, cost effective, coherent, and interoperable.
•Serves as the senior subject matter expert during implementation of critical technologies by firm technology asset or process owners, cloud vendors, contractors, or managed services providers, as appropriate. Provides input to Accountability Plan containing methods, procedures, and planned reviews for continuing accreditation and authorization against associated controls.
•Maintains the Firm’s technical standards for event logging, collection, analysis, and alerting.
• Defines and maintains the Cybersecurity Five-Year Plan for future-proofing the Firm against unknown threats.
•Bachelor’s degree preferred; advanced degree and CISSP certification preferred.
•Requires 7+ years’ experience in cybersecurity, with 5+ years’ experience designing or implementing security solutions, running security architecture programs, SIEM rationalization initiatives, endpoint agent collapse programs, or other cyber transformation projects, including all related documentation and artifacts.
Salary range – $143k – 200k plus