|Published||May 7, 2022|
At Morgan & Morgan, the work we do matters. For millions of Americans, we’re their last line of defense against insurance companies, large corporations or defective goods. From attorneys to client support staff, creative marketing to operations teams, every member of our firm has a key role to play in the winning fight for consumer rights. Our over 3,000 employees are all united by one mission: For the People.
We are continuing to impact the ever-changing space of technology. To support our vision in delivering the premier client/attorney experience, we are seeking a Cloud Security Engineer who will contribute to the execution of the firm's technology transformation strategy, cloud architecture and assist in the design and implementation of security controls around cloud-based applications, across all types (including SaaS). This role is a critical component to our growth strategy and the implementation of ground breaking technologies.
- Act as the security subject matter expert for Software as a Service and Cloud-based technologies
- Assist in securing O365, Azure, AWS, GCP, and other cloud platforms/services
- Deploy cloud security controls based on industry recognized good practice
- Creating cloud-specific security policies, standards and procedures including identity and access management, SSO, firewall management, and vulnerability management
- Performing cloud security assessments of cloud platforms/environments using industry standard frameworks such as CIS, ISO, and NIST.
- Executing on cloud security engagements during different phases of the lifecycle assess, design, and implementation.
- Troubleshooting and resolving complex security issues in cloud environments, applying fundamental systems security understanding, skills, expertise, and experience
- Ensuring that relevant threat and vulnerability data is considered in support of security-relevant decisions
- Providing input to analyses of alternatives and to requirements, engineering, and risk trade-off analyses to achieve a cost-effective and mission/business success.
- 7+ years’ experience as a Security Engineer in a medium to large organization
- Experience with Microsoft Identity and Access Management/Single-Sign-On (SSO) solutions and securing Azure environments
- Expert experience developing, implementing, and maintaining security polices, standards, and procedures
- Enterprise experience managing a Qualys, Tenable, Rapid7 or other industry recognized vulnerability management platform
- Expert knowledge of industry recognized Web Application Firewall solutions
- Required any of the following active certifications:
- Microsoft Certified: Azure Solutions Architect Expert or Azure Security Engineer Associate
- Microsoft 365 Certified: Security Administrator Associate or Enterprise Administrator Expert
- Google Certified: Cloud Engineer or Cloud Architect
- ISC CCSP Certified Cloud Security Professional
Self-motivated, ambitious, and action orientedEmbody trust, dignity, integrity and accountabilityPractitioner of autonomous competitive learning
Morgan & Morgan is a leading personal injury law firm dedicated to protecting the people, not the powerful. This success starts with our staff. For full-time employees, we offer an excellent benefits package including medical and dental insurance, 401(k) plan, paid time off and paid holidays.
Equal Opportunity Statement
Morgan & Morgan provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. If E-Verify cannot confirm that you are authorized to work, this employer is required to give you written instructions and an opportunity to contact Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you, including terminating your employment. Employers can only use E-Verify once you have accepted a job offer and completed the I-9 Form.