Senior Information Security Engineer

Goldberg Segalla, a dynamic and collaborative law firm with a national presence, seeks a Senior Information Security Engineer to lead hands-on security initiatives across our hybrid IT environment. This role focuses on securing systems, applications, and data—leveraging the full suite of Microsoft Defender products, and overseeing the protection of our hybrid Office 365 deployment. The ideal candidate is a technically skilled professional who can proactively identify and mitigate threats, drive automation in security operations, and clearly communicate risk to leadership.

1. Conduct regular security assessments, vulnerability scans, and coordinate penetration testing with internal and external partners.
2. Perform risk analysis and develop mitigation plans based on findings and organizational risk tolerance.
3. Design, implement, and manage security infrastructure and tools across on-prem, cloud, and hybrid environments.
4. Administer and enhance the Microsoft Defender suite (Defender for Endpoint, Identity, Office 365, Cloud Apps, etc.) to detect and respond to modern threats.
5. Configure, monitor, and maintain Microsoft Data Loss Prevention (DLP) policies to protect sensitive information across email, Teams, SharePoint, OneDrive, and endpoint devices.
6. Automate and streamline security operations processes for improved efficiency and incident response.
7. Manage and enforce privileged access and credential controls, ensuring secure administrative access to critical systems.
8. Stay up to date with cybersecurity trends, threats, and tools, applying insights to continuously strengthen our security posture.
9. Monitor, investigate, and respond to security alerts and incidents.
10. Communicate security risks, posture, and incident updates to stakeholders, including regular briefings to the Director of Technology.

• Hybrid Office 365 / Exchange environment
• Microsoft Defender (for Endpoint, Identity, Office 365, Cloud Apps)
• Microsoft Purview and Microsoft DLP
• Azure AD, Conditional Access, Intune, Microsoft Sentinel
• Windows Server, Active Directory, Group Policy, PKI
• SIEM, EDR, PAM/IAM, vulnerability scanners

• 5+ years of hands-on experience in information security or systems administration with a security focus
• Expertise with Microsoft 365 security, Microsoft DLP, and the broader Microsoft Defender ecosystem
• Strong knowledge of Windows Server, Active Directory, and hybrid IT security
• Experience with automation and scripting (PowerShell preferred)
• Understanding of industry-standard security frameworks (e.g., NIST, CIS, ISO 27001)
• Preferred certifications: SC-200, CISSP, Security+, Azure Security Engineer Associate

The annualized salary range for this position is $90,000.00 to $115,000.00. Actual pay may be adjusted based on experience and other job-related factors permitted by law. This position also offers bonuses, and a full benefits package including health insurance, dental insurance, life insurance, a 401(k) plan, flexible spending, and more.

Goldberg Segalla isn’t merely a business—we’re a community. We value diversity and strive to create a collaborative culture where leadership is rewarded, and mutual respect and teamwork are core traits.

Goldberg Segalla is a national civil litigation firm with offices across major U.S. metro markets, providing strategic coverage for clients in various sectors including construction, energy, transportation, manufacturing, retail, hospitality, and insurance. Our team of over 400 attorneys are trusted counselors in business and commercial disputes, employment, insurance coverage, and more.

Department: IT
This is a full-time position