Job Specifications
Summary
The Cloud Security Engineer is primarily responsible for designing, implementing, and supporting secure Microsoft Azure cloud environments for the Firm. This individual will ensure that cloud-based development platforms, APIs, and applications follow best practices, regulatory requirements, and Firm-specific policies to protect sensitive Client and Firm data. The Cloud Security Engineer acts as a subject matter expert, collaborating with cross-functional teams to establish secure coding, deployment, and data management processes. This role also participates in security incident response activities related to cloud infrastructure and applications, ensuring timely detection, containment, and remediation of potential threats. This person will also contribute to our overall Cloud Security Strategy.
Duties And Responsibilities
Design, configure, and maintain secure Microsoft Azure environments aligned with industry best practices and Firm policies. Familiarity with AWS and Google cloud needed as well.
Implement and manage cloud security controls, including identity and access management, network segmentation, encryption, and security monitoring.
Protect sensitive data stored or processed in the cloud through encryption, access controls, and secure key management.
Develop, enforce, and maintain secure API management processes, including authentication, authorization, rate limiting, and auditing.
Build and maintain secure DevSecOps pipelines, ensuring that only reviewed, tested, and approved code is promoted to production.
Integrate automated security testing and vulnerability scanning into Continuous Integration / Continuous Delivery (CI/CD) workflows.
Collaborate with application developers, infrastructure engineers, and security teams to ensure secure design and deployment practices.
Create and maintain documentation, standards, and procedures for cloud security configurations, incident handling, and code promotion processes.
Monitor and respond to security alerts from cloud-native tools and third-party monitoring solutions.
Participate in risk assessments, audits, and compliance efforts related to cloud security (e.g., ISO 27001, GDPR, CCPA).
Stay current with emerging cloud security threats, vulnerabilities, and evolving best practices, especially within the Microsoft Azure ecosystem.
Salaries vary by location and are based on numerous factors, including, but not limited to, the relevant market, skills, experience, and education of the selected candidate. If an estimated salary range for this role is available, it will be provided in our Target Salary Range section. Our compensation package also includes bonus eligibility and a comprehensive benefits program. Benefits information can be found at Sidley.com/Benefits .
Target Salary Range
$127,000 - $147,000 if located in Illinois
Qualifications
To perform this job successfully, an individual must be able to perform the Duties and Responsibilities (Duties) above satisfactorily and meet the requirements below. The requirements listed below are representative of the minimum knowledge, skill, and/or ability required. Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of the job. If you need such an accommodation, please email staffrecruiting@sidley.com (current employees should contact Human Resources).
Required
Education and/or Experience:
Bachelor’s degree with a preference for those with a degree in Computer Science, Information Security, Technology or a related field.
Minimum of 3 years of experience in cloud security engineering, with a strong focus on Microsoft Azure.
Hands-on experience with Azure security services (e.g., Azure Security Center, Defender for Cloud, Key Vault, Azure AD, Application Gateway, API Management).
Experience designing and managing secure DevSecOps pipelines using Azure DevOps or equivalent tools.
Strong understanding of cloud-based network security, encryption, and identity management best practices.
Demonstrated ability to assess, troubleshoot, and remediate security issues in cloud environments.
Preferred
Relevant cloud and security certifications (e.g., Microsoft Certified: Azure Security Engineer Associate (AZ 500, Microsoft Certified: Azure Solutions Architect Expert, CISSP, CCSP, Security+).
Experience in the legal, financial, or other highly regulated industries.
Relevant certifications (e.g. CISSP, Security+, etc.)
Familiarity with AWS and Google a plus.
Other Skills And Abilities
The following will also be required of the successful candidate:
Strong organizational skills
Strong attention to detail
Good judgment
Strong interpersonal communication skills
Strong analytical and problem-solving skills
Able to work harmoniously and effectively with others
Able to preserve confidentiality and exercise discretion
Able to work under pressure
Able to manage multiple projects with competing deadlines and priorities
Sidley Austin LLP is an Equal Op
About the Company
Sidley is an elite global law firm. With 2,300 lawyers, annual revenue of US$3.4 billion, and experience that spans nearly 160 years, we have established a reputation using Built to Win(sm) legal strategies in successfully representing clients in more than 70 countries on complex transactional, restructuring, investigation, regulatory, and litigation matters. With 21 offices strategically situated in key commercial and financial hubs across the world, our perspective and our reach are truly global. Our lawyers and business p...
Know more