About the Firm

Mayer Brown is an international law firm positioned to represent the world's major corporations, funds, and financial institutions in their most important and complex transactions and disputes. We are recognized by our clients as strategic partners with deep commercial instincts and a commitment to creatively anticipating their needs and delivering excellence in everything we do.

We are a collegial and collaborative firm where highly motivated individuals with an unwavering commitment to excellence receive the opportunity, support, and development they need to grow, thrive, and realize their greatest potential all while supporting the Firm's client service principles of excellence, strategic partnership, commercial instinct, integrated strengths, innovation, and collaboration across our international firm.

If you enjoy working with team members whose defining characteristics are exceptional client service, initiative, professionalism, responsiveness, and adaptability, you may be the person we are seeking to join our IT department in our Singapore office, as a Global Security Engineer.

The Role

• Ensures that Mayer Brown, LLP has a secure architecture for authorization and authentication internally, as well as business to business
• Ensures that all security risks are managed and communicated clearly and effectively
• Implement security architecture of the firm related to transition to cloud (e.g., Azure, Teams/O365 and iManage Cloud)
• Develops and maintains all documentation related to Global Security Team operations and functions
• Ensures that information is openly communicated and shared with other members of the team
• Ensures that objectives are achieved by working closely with all members of the Firm departments as necessary and in collaboration with the Global Director of Information Security and Global Security team
• Ensures that change controls are adhered to and communicated to the partners and staff
• Keeps abreast of all specific security issues
• Analysis of data collected from established Data Loss Prevention system(s) and methods to ensure compliance with Firm policies
• Manages DLP systems and processes as required
• Assists in defining DLP policies to protect firm and client assets
• Defines incident response workflow for DLP positive hits
• Develops metrics for measuring effectiveness of the DLP solution
• Assists in the preparation, approval, implementation and adherence of the Information Security Policies within the Firm
• Manages projects and tasks related to the Firm as directed by the Global Assistant Director of Information Security
• Detects and responds to all incidents of an information security nature within the Mayer Brown environment
• Maintains and coordinates incident response planning, assisting in execution of the incident response plan as needed
• Identifies and communicates to management the cause of all information security incidents, making recommendations as to how the specific incidents can be mitigated in the future
• Controls access to the Firm's Information Systems and related security configuration
• Participates fully in all efforts to develop security policies to meet client or other compliance requirements
• Ensures monitoring and alert notifications are implemented in accordance with the business needs
• Assist in preparing and completing risk assessments for vendors, projects, and systems.
• Assists in the development and authorization process of all new IT policies introduced, ensuring that the necessary security audits and tests are carried out prior to being introduced into production
• Manages the review of the security program by an approved independent party and ensure any gaps are addressed
• Monitors methods of physical data security, such as the storage of backup media, and propose/implement any changes where necessary
• Ensures whenever possible that undesirable use of IT facilities is prevented/minimized at all times
• Educates Mayer Brown's employees in the benefits of security to the organization, themselves and their working environment
• Collaborates with other staff in IT to ensure that security standards are developed and enforced in implementing or upgrading firm technology
• Keep Security Awareness site on Global Net updated with current material
• Perform investigations as requested by Human Resources, Information Technology or General Counsel executing searches and producing output as required by the Firm
• Plan for Business Continuity and Disaster Recovery
• Performs other duties as assigned or required to meet Firm goals and objectives
• Willing to travel 20% domestically / internationally

Qualification and Experience

• Bachelor's degree in a related field. An equivalent combination of education and/or experience may be considered in lieu of the degree when the experience has been directly related to the functions of the job
• CISSP or CEH certification preferred
• 5 years of experience in an Information Security department
• Excellent working knowledge of CISSP, CEH required
• Excellent knowledge of the ISO 27002 standard preferred
• Excellent working knowledge of networking and security standards required
• Good documentation skills and authentication methods experience required
• Excellent knowledge of a network/firewall security preferred
• Good knowledge of Disaster Recovery preferred
• Strong technical knowledge of cloud environments such as Azure/O365
• Familiarity with DLP incident handling, remediation, and reporting
• Proficiency in Microsoft Office products
• Experience in securing AI-driven systems and leveraging AI tools
• Familiar with Microsoft Defender for Endpoint, CyberArk, Rapid7, Palo Alto and SIEM products is a plus
• Strong written and verbal communication skills, able to communicate and negotiate effectively and in a professional manner with all levels of the Firm and outside vendors
• Ability to work in a diverse team environment and effectively support the demanding needs of the Firm
• Ability to work under pressure, meet deadlines with shifting priorities
• Must be a self-starter with a high level of initiative
• Strong customer service skills, able to anticipate needs and exercise independent judgment
• Strong attention to detail, organizational skills and the ability to handle multiple projects
• Maintains confidentiality and exercises discretion
• Exercises solid strategic thinking and problem-solving skills
• Ability to weigh business needs against security concerns and articulate issues to customers and management
• Willingness to challenge the status quo
• May require occasional lifting of up to 20 lbs