IT Security Senior Engineer

We are a Firm where people truly believe in what they do and strive to achieve the highest standards of performance and success.

This position is based in the Firm's global operations center in Tampa, FL.

General Description

We are seeking an IT Senior Security Engineer to join our team. The IT Senior Security Engineer will assist the IT Security Engineering Manager in defining, designing, and implementing security solutions across the Firm’s infrastructure. This position will work in conjunction with other IT teams to enhance system security and protect Firm data and technical assets.

Key Responsibilities And Essential Job Functions

• Lead the research, analysis, design, testing, implementation, and operations of enterprise security engineering solutions to meet Firm requirements.
• Participate in the evaluation, development, implementation, and communication of security standards, procedures, and guidelines for multiple platforms and diverse systems environments.
• Evaluation of new and existing security technologies.
• Provide technical expertise and support to clients, IT management, and staff in the implementation of security/protection technologies in relation to network, systems, and applications.
• Function as a security expert resource (SME) to management and staff in all phases of the development and implementation of projects.
• May lead projects and provide guidance/training to less experienced staff.
• Provide technical assistance in the validation and evaluation of security alerts or incidents.
• Performs issue and problem resolution and general security operations support.
• Assists with security-related investigations and incident response activities and provides system forensics and investigative services.
• Provide periodic “on call” support of security operations during non-business hours.
• Review change requests from a security perspective, understand and determine associated risk levels and make recommendations for approval or denial based on the risk presented.
• Ability to understand, prioritize and complete tasks by working independently or in a team.
• Assist in the growth and development of the incident response team to act quickly and accurately during emergency situations.
• Participate in the development and delivery of an information security awareness program.
• Approaches all problems, projects, and incidents with a prominent level of professionalism, objectivity and an open mind to innovative ideas and solutions.
• Analyzes and identifies areas where automation can be used in the deployment of modern technology to support effective resource management.
• Maintain knowledge of vendor products, services and security technologies and recommend/implement their use.
• Expected to maintain a regular and predictable work schedule and full attention to and engagement in work activities on behalf of the firm during business hours unless otherwise approved or required by applicable law.
• Special projects and duties as assigned.
  
  

Required Skills

• Effective communication and collaboration skills.
• Strong analytical critical thinking skills.
• Ability to rapidly learn and apply advanced and emerging technical security principles, theories, and concepts.
• Exceptional analytical ability, communication and project management skills, documentation, and the ability to collaborate effectively with clients, IT management and staff, vendors, and consultants.
  
  

Required Qualifications & Education

Bachelor’s degree in computer science, information security, or information security.

8 years of technical hands-on experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols (Network topologies (WAN/LAN, protocols), SIEM, Encryption technologies, TCP/IP stack, Multi-factor authentication, Authentication/Authorization, Web Application Firewall, Firewalls, IPS/IDS, DLP, HIPS, File Integrity Monitoring, Enterprise anti-malware solutions, Vulnerability management/penetration testing, Database security, wireless security, OS hardening and security best practice or an equivalent combination of education and work experience.

Demonstrated advanced security knowledge across Microsoft Azure and Amazon Web Services (AWS) cloud environments, including the areas outlined below.

• Identity and access management (Microsoft Entra ID/Azure AD; AWS IAM), including least-privilege design, role-based access control, and privileged access governance.
• Key management and encryption (Azure Key Vault; AWS Key Management Service (KMS)), including certificate/secret lifecycle management and encryption at rest and in transit.
• Security logging, monitoring, and alerting (Azure Monitor and Microsoft Sentinel; AWS CloudTrail and Amazon CloudWatch), including centralized log collection and correlation.
• Network security controls (Azure Network Security Groups (NSGs) and Azure Firewall; AWS Security Groups and Network ACLs (NACLs)), including segmentation and ingress/egress control.
• Cloud security posture management (CSPM) and configuration assessment (Microsoft Defender for Cloud; AWS Security Hub and AWS Config), including policy evaluation and remediation tracking.
• Threat detection and response (Microsoft Sentinel; Amazon GuardDuty), including triage, investigation support, and incident escalation.
• Demonstrated familiarity with cloud networking concepts and core services in Azure and AWS (e.g., Azure Virtual Networks (VNets) and AWS Virtual Private Clouds (VPCs), routing, private connectivity, and network segmentation).
• Experience with Windows and Linux operating systems, databases, and security capabilities.
  
  

Preferred Qualifications & Education

• Current SANS, ISC2, and/or other security certifications preferred.
• Familiarity with Azure Kubernetes Service (AKS), including cluster security fundamentals (RBAC, network policies, and secrets management).
• Demonstrated automation capability through scripting (e.g., PowerShell and Python) to support security operations, reporting, and repeatable engineering deployments.
  
  

Physical Requirements

• Ability to sit or stand for extended periods of time.
• Moderate or advanced keyboard usage
  
  

Benefits: Our goal is to promote a work environment in which individuals have access to the resources they need to be their best both professionally and personally, which includes resources that encourage individuals to focus on their health and well-being.

Below are the benefits we offer: comprehensive medical (PPO and HDHPs), dental and vision plans including coverage for domestic partners; life and AD&D insurance; short and long term disability insurance; tax-advantaged accounts for health care expenses, including FSAs and HSAs; FSAs for dependent care; health advocacy services; behavioral health and counseling resources for all family members; 401(k); profit sharing; backup dependent care; senior care planning support; resources for individuals with development disabilities and their caregivers; and paid holidays and other paid time off, including paid leave for new parents.

Holland & Knight is an Equal Opportunity Employer and does not discriminate on the basis of race, color, religion, sex (including pregnancy, childbirth or related conditions, transgender status, and sexual orientation), national origin, age, disability, genetic information, veteran status or any other factor prohibited by law.

Applicants who are interested in applying for a position and require an accommodation during the process should contact ApplicantAccommodations@hklaw.com.

Personal Information collected from applicants will be used for the purpose of processing the application throughout any recruitment or employment process, as well as inclusion in a personnel file. Categories of data collected may include name, address, phone numbers, email, Social Security Number, and signature. Holland & Knight may collect further information if you consent to a background check. This includes criminal background, employment, and certifications. Please visit Legal Information Portal for Holland & Knight LLP’s privacy policies.