Senior Security Engineer

MORGAN & MORGAN, P.A.
Orlando, United States of America
1 month ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Orlando, United States of America

Tech stack

Artificial Intelligence
Amazon Web Services (AWS)
Azure
Data Governance
Information Leak Prevention
Data Security
Identity and Access Management
Intrusion Detection and Prevention
Powershell
Kusto Query Language
Runbook
SharePoint
Software Vulnerability Management
EndPointSecurity
Microsoft Power Automate
Software Security
Microsoft InTune
Azure Security Center
Microsoft Sentinel
Serverless Computing
Security Orchestration, Automation & Response
Vulnerability Analysis

Job description

Our firm is a large, multi-state law practice with a sophisticated technology environment and a deep responsibility to protect highly sensitive client and matter data. We are seeking a Senior Security Engineer to strengthen and mature our Microsoft-centered security program. This is a hands-on engineering role for someone who thrives on threat detection, tenant hardening, identity modernization, and security automation-and who can clearly communicate risk and remediation to both technical teams and firm leadership., * Engineer, tune, and operate detections and response workflows across Microsoft Defender XDR and Microsoft Sentinel, including authoring and optimizing KQL queries, analytics rules, workbooks, and hunting content., * Lead and execute M365 tenant hardening initiatives across the E5 stack, establishing and maintaining secure baselines and configuration standards.

  • Administer and harden endpoint security through Microsoft Defender for Endpoint and Intune, including device compliance, configuration profiles, and attack surface reduction., * Build and maintain security automation (e.g., Logic Apps, automation rules/playbooks, PowerShell, Azure Functions) to reduce manual effort and accelerate response.
  • Own vulnerability assessment and remediation tracking, partnering with IT and infrastructure teams to close gaps., * Secure and govern Azure infrastructure, applying cloud security best practices across resources and workloads.
  • Configure and manage Microsoft Purview for data governance, information protection, data loss prevention, insider risk, and compliance.
  • Strengthen identity and access management (IAM) practices firm-wide, including least-privilege enforcement and access reviews.

AI Security and Documentation

  • Secure and govern AI and AI agents across the firm, addressing data exposure, identity and access for agents, acceptable-use controls, and the confidentiality and privilege concerns unique to a legal environment.
  • Document standards, procedures, and runbooks; communicate security posture, incidents, and recommendations clearly to technical staff and firm leadership.
  • Manage application security assessments and lifecycle oversight to retire applications that are inactive or pose security risks.

Requirements

Do you have experience in Vulnerability management?, * Strong hands-on expertise across: Defender XDR enterprise defense suite and Microsoft Sentinel with proficient KQL; M365 tenant hardening (Entra ID, Exchange, Teams, SharePoint); Azure infrastructure security; security automation (SOAR); Entra ID and Conditional Access; vulnerability assessment; Defender for Endpoint, Intune, Application Control; and Microsoft Purview (DSPM, IP, DLP, IRM, DLM, AI).

  • Strong technical, organizational, time-management, and communication skills.
  • Participate in scheduled after-hours changes as needed., * Experience at a law firm or in a similarly regulated, confidentiality-driven environment.
  • Demonstrated experience securing AWS and/or GCP environments in enterprise settings.
  • Experience designing and implementing security controls for AI and agent-based workloads.
  • 4-7+ years of experience as a Security Engineer at a large, multi-state organization.

Benefits & conditions

Pulled from the full job description

  • 401(k)
  • Health insurance
  • Paid time off
  • Dental insurance
  • Paid holidays, Morgan & Morgan is a leading personal injury law firm dedicated to protecting the people, not the powerful. This success starts with our staff. For full-time employees, we offer an excellent benefits package including medical and dental insurance, 401(k) plan, paid time off and paid holidays.

About the company

At Morgan & Morgan, the work we do matters. For millions of Americans, we're their last line of defense against insurance companies, large corporations or defective goods. From attorneys in all 50 states, to client support staff, creative marketing to operations teams, every member of our firm has a key role to play in the winning fight for consumer rights. Our over 6,000 employees are all united by one mission: For the People.

Apply for this position