IAM / IGA Security Engineer designing and implementing identity governance solutions. Collaborating with Security, IT, HR, and business stakeholders to ensure secure access governance.
About the role
- Enterprise Security Compliance Lead managing security audits and compliance activities for a global law firm. Ensuring successful completion of vendor and client security assessments and reports across teams.
Responsibilities
- Participating in the overall process related to client security audits, vendor security audits, and other security compliance activities (e.g., ISO 27001, penetration tests, other client responses, etc.)
- Completing assigned client security reviews from intake through closure by identifying all necessary internal stakeholders based on the request (e.g., security survey, audit, review, etc.), assembling relevant and appropriate documentation, and completing the appropriate forms and questionnaires required by Latham clients
- Assisting with the vendor security audit process for assigned vendors, including collecting and reviewing submitted materials, following up on outstanding items, and drafting summary reports
- Maintaining relationships with third-party audit services that audit firm vendors, audit the firm on behalf of clients, or otherwise evaluate the firm (e.g., ISO 27001 assessors, independent consultants)
- Acting as a project manager to ensure the success of ISO 27001, client and vendor audits, and other assessments
Requirements
- A bachelor's degree or equivalent; a minimum of five (5) years of Security and Technology experience may be considered in lieu of a degree
- A bachelor’s degree in Information Systems, Computer Science, Engineering, or related field, preferably
- Recognized security certifications preferred (e.g., CISM, CISA, CRISC, CDPSE, CISSP)
- A minimum of five (5) years of experience in IT audit or IT risk management
- A minimum of three (3) years of experience in performing security assessments, IT vendor risk assessments, and vulnerability management reviews
- A minimum of two (2) years of experience applying project management concepts
Benefits
- Healthcare, life and disability insurance
- A generous 401k plan
- At least 11 paid holidays per year, and a PTO program that accrues 23 days during the first year of employment and grows with tenure
- Well-being programs (e.g. mental health services, mindfulness and resiliency, medical resources, well-being events, and more)
- Professional development programs
- Employee discounts
- Affinity groups, networks, and coalitions for lawyers and staff
Job title
Job type
Experience level
Salary
Degree requirement
Location requirements
Senior Consultant helping the Ministry of Defence with large - scale ICT projects and innovations in technology and security. Lead developments in networks and applications in cooperation with Defence Architects.
Software Security Engineer at Spectro Cloud focusing on securing Kubernetes - based platforms for AI infrastructure. Responsible for implementing security controls and managing incident responses across the platform.
Lead Information Security initiatives at Starling, the UK's leading digital bank. Manage policy frameworks, team performance, and ensure compliance with security standards.
Technical Operator handling ticket resolution and IT troubleshooting in a structured team environment for Managed Security Services. Interfacing with varied technical tools to support international clients.
Support Health, Safety, and Security processes at East West Rail. Coordinate training, manage budgets, and ensure compliance with regulatory standards.
AI Security Engineer focusing on adversarial machine learning and enterprise security architecture. Leading red team engagements and translating technical risk into governance frameworks.
AI Security Architect leading adversarial testing for enterprise AI products, integrating security findings into governance frameworks. Collaborating with engineering and compliance functions in a hybrid work environment.
Leading GRC & IT Security Consulting at Orange Cyberdefense in Zürich. Drive business growth and manage client relationships while leading a technical consulting team.
Senior Endpoint Security Engineer at Metric5 managing CrowdStrike Falcon deployment for Department of Treasury. Overseeing sensors rollout and resolving high - tier architectural issues in diverse IT environments.