Information Security Engineer
About Ropes & Gray
Ropes & Gray is a preeminent global law firm. The firm has been ranked in the top three on The American Lawyer's prestigious A-List for eight consecutive years and #1 on Law.com's UK A-List twice in the past three years - rankings that honor the "best of the best" law firms. The firm has approximately 2,500 lawyers and professionals serving clients in major centers of business, finance, technology, and government in Boston, Chicago, Dublin, Hong Kong, London, Los Angeles, Milan, New York, Paris, San Francisco, Seoul, Shanghai, Silicon Valley, Singapore, Tokyo and Washington, D.C. The firm has consistently been recognized for its leading practices in many areas, including asset management, private equity, M&A, finance, real estate, tax, antitrust, life sciences, health care, intellectual property, litigation & enforcement, privacy & cybersecurity, and business restructuring.
Overview
The Information Security Engineer implements, manages, and maintains the firm's information security infrastructure, empowers the firm's secure adoption of AI technologies, and responds to and investigates information security incidents to closure or escalation. The Information Security Engineer is a highly experienced, hands-on technologist with a professional foundation in network engineering, systems engineering, software development, cloud infrastructure engineering, or a related IT discipline, serving as the technical lead and subject matter expert for the implementation, administration, and maintenance for assigned information security technologies deployed by the firm.
Responsibilities
- Excellent customer service skills and sense of urgency when resolving issues
- Strong knowledge of information security principles and practices
- Hands-on experience supporting hardware, software, and security architecture
- Serve as the subject matter expert (SME) for information security platforms, when assigned as the primary engineer; on-going threat analysis and research
- Play a significant role in responding to and containing information security related incidents
- Conduct regular technical risk assessments of firm systems and infrastructure
- Oversee and directly participate in the installation, configuration, and management of information security technologies
- Utilize Cloud Security Posture Management (CSPM) and Cloud-Native Application Protection Platform (CNAPP) tools to continuously identify and remediate misconfigurations, compliance drift, and over-privileged access across IaaS, PaaS, and SaaS environments, including container orchestration platforms, serverless architectures, and CI/CD pipeline integrations
- Assess and mitigate security risks introduced by generative AI adoption — including prompt injection attacks, context manipulation, agentic workflow abuse, and Model Context Protocol (MCP) server vulnerabilities — and assist in the development and enforcement of organizational AI usage policies
- Maintain current working knowledge of generative AI concepts and architecture — including large language models (LLMs), prompt engineering and context engineering concepts, AI skills and function-calling, agentic AI frameworks, and Model Context Protocol (MCP) servers — in order to effectively evaluate, design security controls for, and advise stakeholders on AI-integrated systems and workflows
- Maintain expertise in the OWASP Top 10, OWASP Top-10 GenAI, CWE/CVE frameworks, and emerging application-layer attack techniques; API security testing, and web application firewall (WAF) policy management
- Network security experience — including next-generation firewalls (NGFW), intrusion detection and prevention systems (IDS/IPS), network segmentation and microsegmentation, network traffic analysis (NTA), DNS security, IPSec VPN, and secure access service edge (SASE) architectures — to protect firm technology infrastructure
- Aid in the development and knowledge transfer to Information Security team members, Information Services groups, and business support teams
- Promote a culture of information security across all business units
- Performs ticketed work-related duties
- Flexibility to work escalated issues and/or apply production changes off-hours where needed
- Participate in On-Call rotation for after-hours/weekend support
- Periodic travel may be required
Qualifications
- Self-directed and driven, with a proven ability to prioritize and execute independently in fast-paced environments
- Bachelor of Science in Computer Science, Information Technology, Cybersecurity, or a related technical discipline; equivalent hands-on technical experience demonstrating the same depth of competency will be considered in lieu of a degree
- Minimum 3 years of experience in dedicated information security roles, with a demonstrated track record of engineering, deploying, and operating enterprise-scale security controls and leading response to sophisticated incidents
- 5 or more years of prior hands-on IT experience in a foundational technical discipline, such as network engineering, systems administration, software or application development, cloud infrastructure engineering, or DevOps/platform engineering
- Working knowledge of generative AI technologies and their associated security considerations, including LLM architecture, prompt engineering and context engineering concepts, AI skills and function-calling, agentic AI frameworks, and Model Context Protocol (MCP) server security; demonstrated ability to identify and mitigate AI-introduced risks is highly desirable
- Strong working knowledge of information security software and services, including EDR/XDR, zero trust network access (ZTNA), web security/proxy, application control, security service edge (SSE), DNS security, identity and access management (IAM/PAM), DLP, CASB, and SIEM platforms
- Strong working knowledge of Crowdstrike Next-Gen SIEM is desirable
- Strong knowledge of cloud security principles and architecture across all major delivery models: IaaS (AWS, Azure, GCP), SaaS (M365, NetDocs, iManage, Workday, etc.), and PaaS (container and Kubernetes security, serverless function hardening, and CI/CD pipeline security); M365 Defender and Microsoft Purview expertise is highly desirable; hands-on experience with CSPM and CNAPP tooling preferred
- Desired: Hands-on experience with network security technologies including next-generation firewalls (NGFW), IDS/IPS, network access control (NAC), network traffic analysis (NTA), microsegmentation, and SASE/SD-WAN architectures
- Desired: Hands-on application security experience including operation of SAST, DAST, and SCA tooling, API security testing and assessment, web application firewall (WAF) administration, secure SDLC program participation, and familiarity with DevSecOps practices
- Professional security certifications are desired but not required: CISSP, CCSP, CEH, OSCP, AWS Security Specialty, or GIAC certifications (GCIH, GPEN, GWEB, GWAPT, GCFE); active pursuit of relevant credentials is encouraged and supported by the firm
- Strong written and oral communication skills
- Organized, responsive and thorough problem solver
- Able to manage multiple concurrent activities and effectively prioritize time and effort, in a high-pressure environment
- Able to adapt quickly to changing priorities
- Maintains strict confidentiality regarding sensitive firm information, personnel matters, and internal affairs, and exercises sound discretion at all times
- A committed team player who fosters strong working relationships, embraces the diverse expertise of colleagues, and contributes to a culture of trust, inclusion, and shared purpose