Role Purpose

To be responsible for integrating and connecting disparate security toolsets in an effort to achieve synergies that improve the overall effectiveness and efficiency of the Firm’s security operations.

To apply SOAR principles to existing Firm systems and actively seek new opportunities for the implementation of these principles across technical teams and platforms; provide direct technical support of key SOAR infrastructure, including development and maintenance of supporting tools, scripts, dashboards, and metrics is required.

The role exists to protect the confidentiality, integrity, availability, and recoverability of information, systems and facilities in compliance with organizational policies and standards.

Main Responsibilities

  • Critically analyze proposed and existing solutions for adherence to the Firm's design requirements, including requirements resulting from the ISMS Policy, client contracts, the regulatory environment, and professional obligations
  • Provide expert counsel to constituents regarding their information security obligations and facilitate an acceptable outcome based upon the tenets of the Firm's Risk Management Framework; frequent interfacing with technical, legal, and business operations personnel is expected
  • Architect, implement and support event management and logging solutions identified as necessary for the protection of Firm assets
  • Integrate and connect disparate systems to achieve synergistic incident detection, reporting, and response outcomes
  • Seek new opportunities for the application of SOAR technologies, principles and concepts across technical teams, processes, and systems
  • Develop, maintain and support key SOAR infrastructure, including toolsets, scripts, dashboards and metrics
  • Work closely with key constituents, such as SOC/IR, to deliver SOAR capabilities consistent with design requirements
  • Provide input, create documentation, and review information security policies and procedures
  • Utilize common security toolsets (SIEM, sniffer, IDS, etc) to identify issues and analyze compliance with existing policies and procedures
  • Provide high quality, business-level reports to management
  • Contribute to the Firm's security-related information repositories (web, database, SharePoint)
  • Monitor and report on compliance with the Firm’s information security policies and procedures
  • Monitor internal control systems to ensure that appropriate information access levels and security clearances are maintained
  • Stay abreast of the threat, capability, and technology landscape
  • Report compliance failures to appropriate management for immediate remediation
  • Participate in the definition of the organization’s IT disaster recovery and continuity plans for security event management systems
  • Serve as an internal information security consultant and mentor regarding security event logging to the Security Team and other constituents by monitoring information security technologies and trends, providing expert guidance, and assisting with knowledge development/mentoring activities
  • Serve as a 3rd-level support resource for the purposes of ticket resolution and change management activities
  • Analyze, recommend, and implement controls as determined necessary by management
  • Support Firm standard security applications, utilities, and processes. Utilize remote control and remote access software in the performance of duties
  • Utilize standard security tools such as a SIEM, IDS and other event logging systems

Travel Requirements

Occasional travel to provide information security services. 

About the Team

The Firm's Technology function is responsible for designing, developing and maintaining the firm's global technology infrastructure, including architecture, hardware, software, computer networking, communications and data management. The function works closely with lawyers, clients and PBS functions to ensure our technology offering is best-in-class and forward-thinking, allowing the Firm to provide its clients with cutting-edge, innovative legal and business advice via up-to-date technology products and solutions.

You will report to

Manager, Information Security

Key Relationships

  • Internal business stakeholders
  • Colleagues in the Global Technology Security team

Technical skills, qualifications and experience

  • Computer Science Bachelor’s Degree or substantial equivalent experience
  • Extensive professional experience with advanced information IT and security systems, including TCP/IP networking, scripting, and incident handling
  • Substantial proven experience of designing and implementing cyber security solutions in a large enterprise
  • Strong experience managing SIEM deployments
  • Experience of using scripts or other SOAR tools to automate security practices
  • Strong experience acting in a security advisory capacity to multiple constituencies
  • CISSP, SSCP, CISM, CRISC, CISA, or CGEIT preferred
  • SANS GPYC or equivalent coding experience beneficial
  • Expert understanding of security concepts, technologies, controls, and best practices
  • Working knowledge of information security frameworks such as ISO27001, NIST, and CIS
  • Ability to synthesize contract language and convert such language to controls
  • Authoritative understanding of security threats, qualitative and quantitative risk valuation models, and effective tools, tactics, and techniques for risk reduction
  • Expert understanding of SIEM/SOAR concepts and toolsets, including how to architect, automate, and integrate effectively with Incident Response
  • Masterful understanding of collecting and utilizing security event telemetry and threat intelligence sources to protect critical assets
  • Authoritative understanding of data communications and information systems hardware and software
  • Authoritative understanding of principles, theories, techniques, and methods of information system analysis and programming, particularly secure coding practices
  • Thorough knowledge of data processing and data communications concepts and services
  • Working knowledge of encryption technologies and standards, both at-rest and in-flight
  • Familiar with BCP/DR concepts and practices
  • Thorough knowledge of computer monitoring systems, endpoint security controls, vendor-supplied packaged programs, macros, utilities, and other highly technical programs
  • Expert analysis skills, including the gathering and analyzing of facts, formulating objective conclusions modified by subjective and experience-based qualifiers when appropriate, defining problems, and promoting solutions
  • Ability to adapt, integrate, and modify existing programs or vendor-supplied package programs for use with existing information systems
  • Proficient in the delivery of training and informational sessions to technical and non-technical constituencies
  • Proficient in oral and written English
  • Ability to be productive and maintain focus without direct supervision 

Personal qualities

These personal qualities represent the shared characteristics of high performers across Baker McKenzie, regardless of job level and location

Know how, e.g.,

  • Keeps across key developments in all relevant areas and demonstrates the ability to develop substantive authority in relation to the Firm's specialist fields
  • Demonstrates the ability to identify the real issue, and to anticipate requirements and potential consequences; distils a range of possibilities by thinking in a considered, prudent manner
  • Able to move through a variety of tasks requiring different approaches, knowledge, and expertise, with agility of mind and capacity for analysis and synthesis

Dedication, e.g.,

  • Driven by a strong personal sense of integrity and upholds exemplary quality standards
  • Prepares thoroughly, takes responsibility, uses initiative and is self reliant to ensure work progresses to the fullest extent possible
  • Hardworking and diligent with a keen understanding of client demands
  • Demonstrates composure when dealing with difficult situations

Personal Impact, e.g.,

  • Creates a positive impression at all times; develops relationships through collaboration and reciprocity
  • Negotiates to achieve outcomes that are mutually satisfactory; shows good judgement on when to stand strong and when to compromise
  • Invests in, nurtures and builds a network of productive relationships


  • Respectful to others, regardless of their position, and earns the respect of others by being transparent
  • Has care and concern for others and a genuine interest in others as people
  • Treats delicate or confidential issues with grace and discretion 

About Baker McKenzie

Baker McKenzie helps clients overcome the challenges of competing in the global economy. We solve complex legal problems across borders and practice areas. Our unique culture, developed over 65 years, enables our people to understand local markets and navigate multiple jurisdictions, working together as trusted colleagues and friends to instill confidence in our clients. This is an exciting time to join us as we invest in and further develop our Professional & Business Services organisation, providing rewarding and challenging career opportunities in all of our world-class business functions.

We are committed to promoting diversity and inclusion for all. Our unique international culture is reflected in the drawing together of a worldwide family of individuals from diverse cultures and backgrounds in all of our offices. We encourage the best people -- regardless of race, religion or belief if any, gender, gender identity, disability, sexual orientation or age -- to fulfil their professional aspirations with us.