Cloud Security Architect

About Ropes & Gray:

Ropes & Gray is a preeminent, global law firm. The firm has been ranked in the top-three on The American Lawyer's prestigious "A-List" for seven years and is ranked #1 on Law.com International's "A-List" in the U.K. - rankings that honor the "Best of the Best" firms.

The firm has approximately 2,500 lawyers and professionals serving clients in major centers of business, finance, technology, and government in Boston, Chicago, Dublin, Hong Kong, London, Los Angeles, New York, San Francisco, Seoul, Shanghai, Silicon Valley, Singapore, Tokyo and Washington, D.C.

The firm has consistently been recognized for its leading practices in many areas, including asset management, private equity, M&A, finance, real estate, tax, antitrust, life sciences, health care, intellectual property, litigation & enforcement, privacy & cybersecurity, and business restructuring.

Ropes & Gray is an equal opportunity employer.

Overview:

Under the direction of the Senior Manager of Information Security Operations, the Cloud Security Architect (“CSA”) will advise on firm cloud-based initiatives, review and evaluate newly proposed SaaS cloud technology, and work with other teams to secure cloud infrastructure and applications in accordance with industry best practices and the ever-evolving threat landscape.

The scope of this position is firm wide and requires a thorough understanding of all the IT systems the firm uses and how those systems are secured.

The CSA advises the Information Security Team on SaaS readiness, emerging vulnerabilities in cloud security, and newly introduced risks to firm systems, and takes a proactive approach in continually assessing the security of firm systems throughout their lifecycle, providing recommendations for enhancing security and adapting to new threats and vulnerabilities.

Responsibilities:

ESSENTIAL FUNCTIONS:

• Provide security and compliance subject matter expertise on cloud applications and platforms (IaaS, PaaS, SaaS).
• Review new SaaS technologies for potential information security risk as part of the Firm’s Information Technology Intake and Architecture Review Board processes.
• Actively participate in the design, maintenance, and development of the firm technology solutions as part of the Information Technology Intake review process and Architecture Review Board.
• Assist in coordinating and executing on the firm’s vendor risk management program.
• Engage and partner with other areas of the business to securely empower innovation in the Firm’s cloud-smart initiatives.
• Advise and assist in Identity and Access Management (IAM) of Cloud resources, working closely with the IAM members of the security team to secure authentication to the Firm’s cloud resources.
• Ensure compliance of solutions to architectural industry standards, and in accordance with the firm’s security, compliance, and privacy policies.
• Work to integrate cloud solutions with existing enterprise tools and systems.
• Stay informed on emerging cloud technologies and evaluate vendor offerings to determine best fit for business needs.
• Produce and maintain technical documents of systems and architectures.
• Participate in the daily operations of information security program including handling service desk tickets as well as participating in incident response, threat hunting, and detection engineering efforts.
• Perform research and analysis on an ongoing basis to ensure the Information Security team remains up to date regarding the latest threats, and all other forms of Information Security events pertaining to cloud providers and SaaS resources.
• Excellent customer service skills and sense of urgency when resolving issues.
• Review the current enterprise SaaS architecture to identify weaknesses and opportunities for improvement.
• Actively participates in the vulnerability management program, including pre-deployment risk and compliance assessments.
• Conduct regular technical risk assessments of systems and infrastructure.
• Oversee and directly participate in the installation, configuration, and management of information security technologies.
• Manages information security projects as assigned.
• Assist in the development and knowledge transfer to all team members, as well as other IS or firm groups
• Promote a culture of information security across all business units

OTHER RESPONSIBILITIES:

• Maintain current security certifications and attend industry seminars and relevant continuing education events
• Performs other work related duties as assigned
• Participate in On-Call rotation.

Qualifications:

EDUCATION, EXPERIENCE AND SKILLS REQUIRED:

• Bachelor of Science in a technology related discipline or 3 years of relevant experience
• 5 years of experience in dedicated information security roles.
• 3-5 years of experience in information technology in an area such as; cloud infrastructure, networking, desktop engineering, programming or systems administration
• Strong knowledge of data encryption, key management, and cloud-based data separation.
• Strong knowledge of SaaS integrations in a hybrid-cloud environment.
• Strong knowledge of cloud information security principals and technologies such as Azure, M365, AWS, etc.
• Working knowledge of data networking and IAM concepts.
• Experience with Cloud Security Compliance Frameworks and models (CIS, ISO, NIST, CSA CCM).
• Strong knowledge of security implications involving a variety of technologies including but not limited to; Microsoft, Cisco, Unix/Linux and other market leaders in technology solutions, including mobile devices.
• Strong working knowledge of TCP/IP protocols
• Strong written and oral communication skills
• Organized, responsive and highly thorough problem-solver
• Flexible work schedule to troubleshoot escalated issues out of hours and apply production changes where needed
• One or more of the following certifications: CISSP, SSCP, Azure Fundamentals, AWS Solution Architect, SANS GCLD, GCSA, GPCS, GCPN, GSEC.

ESSENTIAL CAPABILITIES:

• Ability to relate to non-technical users in user-friendly language
• Ability to understand technical implications of security threats
• Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a high-pressure environment
• Ability to gauge one’s strengths and limitations
• Ability to deal with changes and adapt to a changing environment
• Must demonstrate the ability to maintain strict confidentiality of the firm's internal and personnel affairs
• Ability to work well with others, harness different skills and experience, and build a strong sense of team spirit
• Highly self-motivated and directed
• Ability to work in a multi-office environment and willingness to travel to other offices as required
• Ability to work effectively in a culturally and educationally diverse environment

Compensation and Total Rewards Package:

• being benefits, personal and professional development, career growth opportunities and a collegial and supportive culture.

• $175,000 (Boston and Washington, D.C.), $122,500
• $184,000 (New York), which represents our good faith and reasonable estimate of the starting salary range at the time of posting.

The actual offered rate for this position will be determined based on job-related, non-discriminatory factors, including qualifications and experience, geographic location, education, external market data and consideration of internal equity.

Working Conditions:

This position requires hybrid on-site presence as an essential function of the role. Consistent and predictable on-site presence is required for ongoing business continuity, professional development and effective collaboration with colleagues and management.