Cybersecurity Engineer, Mid-Level

Jobright is an AI-powered career platform that helps job seekers discover the top opportunities in the US. We are NOT a staffing agency. Jobright does not hire directly for these positions. We connect you with verified openings from employers you can trust.

Job Summary:

Brownstein Hyatt Farber Schreck is a Consulting company. The Cybersecurity Engineer plays a critical role in protecting the firm’s information assets, ensuring compliance with industry regulations, and safeguarding sensitive data. This position requires a proactive individual with a strong technical background to design and implement security measures across the organization.

Responsibilities:

• Design, implement, and maintain security infrastructure including cloud security, firewalls, IDS/IPS, Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Privileged Access Management (PAM), vulnerability management, and email security platforms

• Evaluate and recommend new security technologies and tools to enhance the firm’s security posture

• Monitor security events and alerts to detect suspicious activity and security breaches

• Perform log analysis and correlation to identify anomalies or indicators of compromise

• Investigate and respond to notable security events, escalating to senior staff as needed

• Perform root cause analysis of notable events and cybersecurity incidents, implement corrective actions, and provide recommendations to prevent future occurrence

• Design, implement, and maintain SOAR playbooks to automate repetitive security operations tasks and incident response procedures

• Integrate SOAR platforms with various security tools (SIEM, EDR, threat intelligence feeds, ticketing systems, etc.) using RESTful APIs and custom connectors

• Develop and maintain scripts (Python, PowerShell, Bash, etc.) to support automation of security processes and data enrichment

• Conduct vulnerability assessments and penetration testing to identify weaknesses in the firm’s systems and network

• Manage security infrastructure patch management processes to ensure timely resolution of security vulnerabilities

• Assist in the development and maintenance of security policies, procedures, and standards

• Support the firm’s compliance with outside counsel guidelines, industry regulations, and legal requirements (e.g., ISO 27001, GDPR, CCPA/CPRA)

• Support audits, client security assessments, and third-party risk management processes

• Work closely with IT, Human Resources, Facilities, Legal, and other teams to ensure alignment with security practices

• Participate in disaster recovery and business continuity planning and testing

• Conduct security awareness and training for employees to mitigate risks related to phishing, social engineering, and other cyber threats

• Develop and distribute educational materials to raise awareness of security best practices

• Document cybersecurity incidents, investigation results, and remediation actions taken

• Prepare periodic reports and status updates on projects, tasks, key performance indicators, incidents, and risks for senior management and stakeholders

Qualifications:

Required:

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, a related field, or equivalent experience

• At least 3 years of experience in an information security role, preferably within a law firm or other regulated industry

• Strong knowledge of network security, endpoint protection, identity and access management, and cloud security

• Deep understanding of TCP/IP, DNS, VPNs, and encryption protocols

• Proficiency with security tools such as Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Privileged Access Management (PAM), vulnerability management, and email security platforms

• Proficiency in scripting languages (e.g., Python, PowerShell) and experience with API integration and JSON/XML data handling

• Experience with Microsoft Defender for Cloud, Azure security tools, and hybrid cloud environments

• Experience with security standards and risk management frameworks (e.g., ISO 27001, CIS Controls, NIST, MITRE ATT&CK)

• Experience with log analysis, threat hunting, and forensic investigations

• Familiarity with Zero Trust architecture and secure software development practices

• Familiarity with Microsoft Purview

• Familiarity with data privacy and regulatory requirements (e.g., GDPR, CCPA/CPRA, HIPAA, PCI-DSS)

• Knowledge of eDiscovery platforms, legal practice management systems, and document management systems

Preferred:

• Industry-recognized certifications such as CISSP, CISM, CEH, GIAC, or Microsoft Security preferred

Company:

Brownstein Hyatt Farber Schreck is a Consulting company. Founded in 1968, the company is headquartered in Denver, Colorado, USA, with a team of 501-1000 employees. The company is currently Late Stage.