Lead Security Engineer

At Seyfarth, we understand that great people are the key to our success, and we provide the opportunities to match. If you join us, you’ll work with state-of-the-art technology in a friendly and professional environment, and we will continue to invest in your professional development. If you want the freedom to grow at a firm that is invested in your future, keep reading.

The Lead Network Security Engineer serves as a technical leader and subject‑matter expert responsible for the architecture, implementation, and governance of the firm’s security infrastructure across on‑premises and cloud environments. The role requires security expertise across multiple technologies, strong architectural thinking, and the ability to lead initiatives. This position has no direct reports, but provides guidance to other team members.  The Lead has more expertise and experience, authority to supervise/lead complex security projects.

Network Security Engineering

• Serve as the primary engineer and technical authority for Palo Alto firewalls, Panorama, GlobalProtect, Cisco Umbrella and Azure‑based firewalls.
• Define security standards, policies, and patterns for firewall management, VPN connectivity, and cloud‑integrated network security.
• Lead major upgrades, migrations, and platform improvements across the security infrastructure stack.
• Evaluate emerging technologies and recommend strategic adoption paths.
• Provide cross team support and security recommendation for various platforms in the environment such as Gigamon, Security Onion, RunZero, Firemon and other Linux based platforms.
• Understanding of networking technology fundamentals of IPv4, Various TCP/UDP protocols and applications (DNS, DHCP, IPSec, VPN etc).
• Understanding of Identity and Access Management technologies such as Active Directory, Azure Entra, Privileged Access Management and MFA tooling.

Cross-Functional Collaboration & Escalation

• Act as the highest‑level escalation point for complex security, networking, and systems issues.
• Collaborate closely with other Information Technology and Information Security teams to ensure aligned and secure designs.
• Lead security fault‑finding efforts using advanced diagnostic and penetration‑testing‑derived techniques.
• Assist with the coordination and facilitation of red‑team and penetration‑test engagements, ensuring technical readiness and remediation alignment.
• Experience supporting digital forensics, Security Operations Center, and incident analysis workflows.
• Monitor and respond to cybersecurity threats, including ransomware, phishing, and insider threats targeting legal data.

Leadership & Soft Skills

• Ability to mentor an guide engineers, elevating team expertise across security domains.
• Strong communication skills to interface with leadership, vendors, and technical stakeholders.
• Demonstrated success managing complex projects involving multiple teams and vendors.
• Proven ability to translate technical risk into meaningful business impact.
• Assist with educating attorneys and staff on cybersecurity best practices, including secure communication, data handling, and remote work products.
• Detail-oriented, thorough and analytical, with capability to apply logic to solve problems.
• Initiative to actively seek new knowledge and improve skills.

Identify

• Develop and maintain a comprehensive security architecture that maps to the firm’s legal operations, data flows, and risk profile.
• Assist with conducting regular risk assessments and threat modeling for legal systems, client data repositories, and third-party integrations.
• Assist with maintaining an inventory of critical assets, including case management systems, document repositories, and privileged communication channels.
• Collaborate with legal, compliance, and IT teams to define security requirements based on regulatory obligations (e.g., ABA, GDPR, HIPAA).

Protect

• Design and maintain a secure enterprise architecture and layered security controls that protects client confidentiality, privileged communications, and sensitive legal data. This applies across endpoints, networks, cloud services, and mobile platforms.
• Develop and enforce security policies and procedures aligned with legal industry standards (e.g., ABA cybersecurity guidelines, ISO 27001, NIST ad CIS controls).
• Architect secure and strategic solutions for cloud-based legal platforms, remote access, and mobile device usage by attorneys and staff.
• Ensure compliance with data protection regulations such as GDPR, HIPAA (for healthcare-related cases), and client-specific contractual obligations.
• Work with project teams to plan and implement security best practices in architecture and design
• Collaborate with legal operations, IT, and compliance teams to integrate security into case management systems, eDiscovery platforms, and billing systems.
• Assist with vendor risk management, especially for third-party legal tech providers, cloud services, and external counsel platforms.
• Monitor and respond to cybersecurity threats, including ransomware, phishing, and insider threats targeting legal data.
• Assist with educating attorneys and staff on cybersecurity best practices, including secure communication, data handling, and remote work protocols.

Detect

• Working with the SEC Ops Lead, deploy and manage monitoring tools to detect anomalous activity across legal systems, including unauthorized access to client files or privileged communications.
• Working with the SEC Ops Lead, integrate SIEM and threat intelligence platforms to identify potential threats targeting legal workflows or sensitive data.
• Working with the SEC Ops Lead, define and maintain detection rules and alerts specific to legal use cases (e.g., unusual access to case files, mass downloads).

Respond

• Working with the SEC Ops Lead, assist with incident response and digital forensics efforts, ensuring chain-of-custody and evidence preservation when required.
• Working with the Director of IT Security & Risk and the Sr. Director of IT and Security, report on security posture and risk exposure to firm leadership, including General Counsel, CIO, and Managing Partners.

Recover

• Assisting with the development and maintenance of recovery plans for critical legal systems, ensuring minimal disruption to client services and casework.
• Assist with lead post-incident reviews and implement architectural improvements based on lessons learned.

• Hands-on technical knowledge of routers, switches, firewalls and intrusion detection and prevention system
• Strong understanding of data encryption standards, solutions and best practices
• Scripting and debugging skills preferred
• Detail-oriented, thorough and analytical, with capability to apply logic to solve problems
• Initiative to actively seek new knowledge and improve skills
• Able to effectively prioritize tasks in a high-pressure environment
• Strong understanding of Internet standards and protocols
• Strong understanding of data privacy practices and laws
• Understanding of micro-segmentation technology
• Bachelor’s Degree or Equivalent Experience
• At least eight years’ experience in a technical information security position, preferably within a large global, multisite environment.

Seyfarth provides competitive salary and benefits at all levels, and our culture embraces the entrepreneurial spirit of its professionals like no other firm. Our professional staff are a collaborative team, helping to define the unique client experience offered by the firm. We understand that it takes more than attorneys to build a successful legal practice; everyone participates in our commitment to excellence. 

With more than 975 lawyers across 17 offices, Seyfarth Shaw LLP provides advisory, litigation, and transactional legal services to clients worldwide. Learn more about The Seyfarth Experience at www.seyfarth.com/careers/. 

Seyfarth Shaw is committed to equal employment opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability, medical condition, military and veteran status, gender identity or expression, genetic information, change of sex or transgender status, genetic information or any other basis protected by federal, state or local law.

If you would like more information about your EEO rights as an applicant under the law, please click EEO is the LAW and the Supplement poster through the following link: https://www.eeoc.gov/sites/default/files/migrated_files/employers/poster_screen_reader_optimized.pdf

Chicago, IL: The full time salary range for this role is $212,000 to $230,000 annually, which is based on a 40 hour work week.

Dallas, TX: The full time salary range for this role is $204,000 to $220,000 annually, which is based on a 40 hour work week.

Houston, TX: The full time salary range for this role is $206,000 to $222,000 annually, which is based on a 40 hour work week.

This is the lowest to highest salary we in good faith believe we would pay for this role in the locations listed above at the time of this posting. An employee’s pay within the salary range will be based on numerous factors including, but not limited to, relevant education, qualifications, experience, skills, geographical location and business or organizational needs. This job is also eligible for an annual merit increase and bonus pay. 

We offer a comprehensive package of benefits including paid time off, medical/dental/vision insurance, and 401(k). 

This position is based in Atlanta, GA 30309

This position is based in Charlotte, NC 28202

This position is based in Chicago, IL 60606

This position is based in Dallas, TX 75201

This position is based in Florida

This position is based in Houston, TX 77002

#LI-Remote