Technology Cyber Security Architect
Cooley is seeking a Cyber Security Architect to join the technology team.
Position summary: Cooley Technology embraces a culture of customer service excellence, and all members of the department are expected to move this agenda forward. To that end, the Cyber Security Architect will work to maintain and monitor the security practices and systems implemented by the firm. The Cyber Security Architect will proactively identify and mitigate cyber threats to protect our organization's assets with a focus on emerging technologies and artificial intelligence (AI) security. Working collaboratively with Technology and Innovation teams, the position will design advanced security architecture and threat detection techniques. Specific duties and responsibilities include, but are not limited to, the following:
Position responsibilities:
- Design and maintain enterprise security architecture across on-premises, hybrid, and AI-enabled environments
- Define security standards, patterns, and reference architectures aligned with business objectives and regulatory requirements
- Conduct security architecture reviews for new systems, applications, AI/ML platforms, and major technology changes
- Partner with engineering, infrastructure, DevOps, and data teams to embed security, privacy, and governance into system design and delivery
- Design security controls for AI and ML systems, including data pipelines, model training environments, inference platforms, and AI integrations
- Identify and mitigate risks related to AI systems, such as data leakage, model poisoning, prompt injection, and adversarial attacks
- Evaluate and recommend security tools, platforms, and AI-enabled security technologies
- Ensure architectures comply with applicable legal, regulatory, and industry frameworks (e.g., NIST, ISO 27001, SOC 2, GDPR, emerging AI regulations)
- Establish guardrails for responsible and secure use of generative AI and large language models, including access controls, monitoring, logging, and auditability
- Support incident response, forensic investigations, and post-incident architecture improvements
- Provide guidance and mentorship to security engineers and other technical stakeholders
- Communicate architectural decisions and security risks clearly to technical and non-technical audiences, including senior leadership
- Required to participate in a 7x24 on-call rotation
- All other duties as assigned or required
Skills and experience:
Required:
- After orientation at Cooley LLP, exhibit proficiency in the Microsoft Office suite, iManage and other firm applications
- Ability to work extended and/or weekend hours, as required
- Ability to travel, as required
- 3+ years direct applicable experience (e.g., cybersecurity, infrastructure, or systems architecture). Senior level candidates considered with 5+ years direct applicable experience.
- Strong knowledge of network security, identity and access management (IAM), encryption, and endpoint security
- Ability to translate business requirements into secure technical designs
- Extensive knowledge and experience with the configuration of security controls and secure migration of enterprise applications
- Experience with implementing security tools and architecture such as:
- Access Controls
- Data Loss Prevention (DLP)
- Web Application Firewalls (WAF)
- Secure SDLC and Software Security
- Firewalls
- Anti-malware and anomaly detection controls
- Data encryption in transit and at rest
- Network security
- Monitoring
- Experience with a formal requirements definition
Preferred:
- Bachelor’s Degree in Information Technology, Computer Information Systems, Computer Science, Information Security, or related discipline
- Familiarity with security frameworks and best practices (NIST CSF, Mitre ATT&CK, Zero Trust, OWASP, emerging AI regulations)
- Familiarity with common security controls in the enterprise (Firewall, Proxy, AV, SIEM, etc.)
- Experience with incident response procedures
- Working knowledge of securing AI-enabled applications and services, including data access controls, model integration, and API security
- Experience applying existing security frameworks and controls to emerging technologies, including AI and automation platforms
- Extensive knowledge and understanding of security issues, techniques, and implications across multiple computer platforms
- Demonstrated experience leading and developing others by providing technical guidance and leadership to project teams
- Solid knowledge and understanding of security regulations and best practices such as the ISO 27000 family of standards
- Solid knowledge and understanding of systems development life cycle (SDLC)
- Demonstrated experience translating business requirements into architectural deliverables and technical specifications
- Demonstrated experience communicating technical information to business clients and less experienced technologists
- CISSP, CISM or equivalent
- Experience with CI/CD pipelines
- Cloud Architecture and/or Cloud Security Certifications (AWS, Azure, GCP)
- Cloud Security Alliance (CCSP, CCSK) (ISC)2
- Additional security certifications
Competencies:
- Excellent analytical, problem-solving, customer service, project management and communication skills
- Goal-oriented
- Excellent oral and written communication skills, including technical and user documentation
- Strong organizational skills
- Ability to interact well with all levels of staff and coordinate with several teams to achieve objectives
- Flexible and patient with process development/execution and adherence to instruct project management practices
- Capable of grasping new concepts quickly and without prior experience
- Ability to multi-task and work in fast-paced environment
- Entrepreneurial by nature
- Excellent attention to detail
- Ability to organize, prioritize and coordinate multiple activities often under tight timelines
- Ability to drive projects to completion and achieve goals
- Strong judgment
- Team-player with collaborative spirit
- Unwavering ability to handle and maintain confidentiality regarding firm information, projects,
- client data
- High level of professionalism at all times
- Proactive, analytical mindset
- Effective presentation skills
Cooley offers a competitive compensation and excellent benefits package and is committed to fair and equitable employment practices. EOE.
The expected annual pay range for this position with a full-time schedule is $120,000 - $175,000. Please note that final offer amount will be dependent on geographic location, applicable experience and skillset of the candidate. Senior level candidates may be considered for this position and would be eligible for a higher salary range based on experience.
We offer a full range of elective benefits including medical, health savings account (with applicable medical plan), dental, vision, health and/or dependent care flexible spending accounts, pre-tax commuter benefits, life insurance, AD&D, long-term care coverage, backup care for children and/or adults and other parental support benefits. In addition to elective benefit options, benefited employees receive firm-paid life insurance, AD&D, LTD, short term medical benefits as well as 21 days of Paid Time Off (“PTO”) and 10 paid holidays each year. We provide generous parental leave and fertility benefits. New employees will attend a detailed benefit orientation to learn more about our many benefits and resources.