Technology Cyber Security Architect
Description:
Technology Cyber Security Architect
Cooley is seeking a Cyber Security Architect to join the technology team.
Position summary: Cooley Technology embraces a culture of customer service excellence, and all members of the department are expected to move this agenda forward. To that end, the Cyber Security Architect will work to maintain and monitor the security practices and systems implemented by the firm.The Cyber Security Architect will proactively identify and mitigate cyber threats to protect our organization's assets with a focus on emerging technologies and artificial intelligence (AI) security. Working collaboratively with Technology and Innovation teams, the position will design advanced security architecture and threat detection techniques. Specific duties and responsibilities include, but are not limited to, the following:
Position responsibilities:
Design and maintain enterprise security architecture across on-premises, hybrid, and AI-enabled environments
Define security standards, patterns, and reference architectures aligned with business objectives and regulatory requirements
Conduct security architecture reviews for new systems, applications, AI/ML platforms, and major technology changes
Partner with engineering, infrastructure, DevOps, and data teams to embed security, privacy, and governance into system design and delivery
Design security controls for AI and ML systems, including data pipelines, model training environments, inference platforms, and AI integrations
Identify and mitigate risks related to AI systems, such as data leakage, model poisoning, prompt injection, and adversarial attacks
Evaluate and recommend security tools, platforms, and AI-enabled security technologies
Ensure architectures comply with applicable legal, regulatory, and industry frameworks (e.g., NIST, ISO 27001, SOC 2, GDPR, emerging AI regulations)
Establish guardrails for responsible and secure use of generative AI and large language models, including access controls, monitoring, logging, and auditability
Support incident response, forensic investigations, and post-incident architecture improvements
Provide guidance and mentorship to security engineers and other technical stakeholders
Communicate architectural decisions and security risks clearly to technical and non-technical audiences, including senior leadership
Required to participate in a 7x24 on-call rotation
All other duties as assigned or required
Skills and experience:
Required:
After orientation at Cooley LLP, exhibit proficiency in the Microsoft Office suite, iManage and other firm applications
Ability to work extended and/or weekend hours, as required
Ability to travel, as required
3+ years direct applicable experience (e.g., cybersecurity, infrastructure, or systems architecture). Senior level candidates considered with 5+ years direct applicable experience.
Strong knowledge of network security, identity and access management (IAM), encryption, and endpoint security
Ability to translate business requirements into secure technical designs
Extensive knowledge and experience with the configuration of security controls and secure migration of enterprise applications
Experience with implementing security tools and architecture such as:
Access Controls
Data Loss Prevention (DLP)
Web Application Firewalls (WAF)
Secure SDLC and Software Security
Firewalls
Anti-malware and anomaly detection controls
Data encryption in transit and at rest
Network security
Monitoring
Experience with a formal requirements definition
Preferred:
Bachelor's Degree in Information Technology, Computer Information Systems, Computer Science, Information Security, or related discipline
Familiarity with security frameworks and best practices (NIST CSF, Mitre ATT&CK, Zero Trust, OWASP, emerging AI regulations)
Familiarity with common security controls in the enterprise (Firewall, Proxy, AV, SIEM, etc.)
Experience with incident response procedures
Working knowledge of securing AI-enabled applications and services, including data access controls, model integration, and API security
Experience applying existing security frameworks and controls to emerging technologies, including AI and automation platforms
Extensive knowledge and understanding of security issues, techniques, and implications across multiple computer platforms
Demonstrated experience leading and developing others by providing technical guidance and leadership to project teams
Solid knowledge and understanding of security regulations and best practices such as the ISO 27000 family of standards
Solid knowledge and understanding of systems development life cycle (SDLC)
Demonstrated experience translating business requirements into architectural deliverables and technical specifications
Demonstrated experience communicating technical information to business clients and less experienced technologists
CISSP, CISM or equivalent
Experience with CI/CD pipelines
Cloud Architecture and/or Cloud Security Certifications (AWS, Azure, GCP)
Cloud Security Alliance (CCSP, CCSK) (ISC)2
Additional security certifications
Competencies:
Excellent analytical, problem-solving, customer service, project management and communication skills
Goal-oriented
Excellent oral and written communication skills, including technical and user documentation
Strong organizational skills
Ability to interact well with all levels of staff and coordinate with several teams to achieve objectives
Flexible and patient with process development/execution and adherence to instruct project management practices
Capable of grasping new concepts quickly and without prior experience
Ability to multi-task and work in fast-paced environment
Entrepreneurial by nature
Excellent attention to detail
Ability to organize, prioritize and coordinate multiple activities often under tight timelines
Ability to drive projects to completion and achieve goals
Strong judgment
Team-player with collaborative spirit
Unwavering ability to handle and maintain confidentiality regarding firm information, projects,
client data
High level of professionalism at all times
Proactive, analytical mindset
Effective presentation skills
Cooley offers a competitive compensation and excellent benefits package and is committed to fair and equitable employment practices. EOE.
The expected annual pay range for this position with a full-time schedule is $120,000 - $175,000. Please note that final offer amount will be dependent on geographic location, applicable experience and skillset of the candidate. Senior level candidates may be considered for this position and would be eligible for a higher salary range based on experience.
We offer a full range of elective benefits including medical, health savings account (with applicable medical plan), dental, vision, health and/or dependent care flexible spending accounts, pre-tax commuter benefits, life insurance, AD&D, long-term care coverage, backup care for children and/or adults and other parental support benefits. In addition to elective benefit options, benefited employees receive firm-paid life insurance, AD&D, LTD, short term medical benefits as well as 21 days of Paid Time Off ("PTO") and 10 paid holidays each year. We provide generous parental leave and fertility benefits. New employees will attend a detailed benefit orientation to learn more about our many benefits and resources.