IT Security Engineer

Overview

Orrick currently has an excellent opportunity for an IT Security Engineer I. This position could be based in any of our U.S. offices.

• Manage and triage the security ticket queue, ensuring timely response to security incidents and requests
• Respond to security alerts from EDR, SIEM, email security tools, and other monitoring systems
• Investigate and respond to phishing reports, analyzing email headers, embedded content, and malicious links
• Assist with malware analysis using sandboxing tools and containment when necessary
• Assist with documentation of incident response activities and execute security playbooks
• Participate in security incident response activities, including after-hours on-call rotation

• Provide engineering support for security infrastructure projects
• Assist in implementation and maintenance of security tools and technologies
• Support vulnerability management activities by coordinating with asset owners on remediation efforts
• Maintain security tool best practice configurations in Microsoft 365, Azure, and on-premises environments
• Identify opportunities for automation scripts to handle repetitive security tasks, and assist in their development

• Participate in training and professional development to advance security skills
• Stay current on emerging threats, vulnerabilities, and security technologies
• Contribute to security documentation and knowledge base articles

• Microsoft Technologies:
  Strong working knowledge of Windows Server, Active Directory, Microsoft 365, and Azure cloud services
• Networking Fundamentals:
  Understanding of TCP/IP, DNS, DHCP, VPN, the OSI model, and common network protocols
• Logging and SIEM:
  Basic ability to read, search, and query logs; familiarity with log sources and common security events
• Email Security:
  Understanding of email flow, SMTP protocol, and email security concepts including SPF, DKIM, and DMARC
• Phishing Defense:
  Ability to identify phishing attempts, analyze suspicious emails, and understand common attack vectors
• Endpoint Security:
  Basic understanding of EDR tools and endpoint protection concepts
• Vulnerability Management:
  Awareness of common vulnerabilities (CVE), scanning tools, and remediation processes

• Strong analytical and problem-solving abilities
• Excellent written and verbal communication skills for interacting with users and technical teams
• Ability to prioritize multiple tasks in a fast-paced environment
• Detail-oriented with strong documentation habits
• Customer service mindset when working with internal stakeholders

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent experience)
• 1-3 years of experience in IT systems administration, cloud engineering, or related technical role
• Security-focused experience preferred but not required for candidates with strong technical fundamentals
• Security certifications (Security+, Azure Security Engineer Associate, or similar) are a plus

• Experience with Power Shell or Python scripting
• Familiarity with Azure security services
• Basic understanding of Linux/Unix systems
• Knowledge of web security concepts (proxies, certificates, HTTPS)
• Experience with ticketing systems
• Understanding of Data Loss Prevention (DLP) concepts

• This position participates in a security on-call rotation to provide after-hours coverage for critical security incidents.

The expected salary range for this position is:

• New York City, Silicon Valley, and San Francisco $64,000 - $81,000
• Washington DC, Los Angeles, Orange County, Santa Monica, Sacramento, Boston, and Seattle $64,000 - $81,000
• All Other US Locations $61,000 - $76,000

Orrick is committed to providing a comprehensive, competitive, and thoughtful total compensation package to our attorneys and staff, wherever they work. This compensation and benefits information is based on the Orrick's estimate as of the date of publication and may be modified in the future. The level of pay within the range will depend on a variety of…