Access Control, Application Integration, Authentication, Cloud Architecture, Cloud Computing, Computer Security, Continuous Improvement, Customer Support/Service, Customer/Client Research, Design Patterns Programming Methodologies, Due Diligence, Establish Priorities, ISO (International Organization for Standardization), Identity Data Management, Incident Response, Information/Data Security (InfoSec), Infrastructure as a Service (IaaS), Legal, Maintain Compliance, Microsoft Windows Azure, People Management, Platform as a Service (PaaS), Risk, Security Analysis, Security Architecture, Security Attacks, Security Compliance, Single Sign-On (SSO), Software Engineering, Software as a Service (SaaS), Test Tools, U.S. National Institute of Standards and Technology (NIST)
Williams & Connolly LLP is seeking a highly experienced Senior Identity & Cloud Security Engineer to join its Information Security team. Reporting to the Chief Information Security Officer (CISO), this role is responsible for the architecture, engineering, and continuous improvement of the firm''s identity, cloud, and SaaS security posture, with primary emphasis on identity as the control plane.
This position requires deep, hands-on expertise in cloud identity platforms, SaaS access governance, Zero Trust architectures, and modern authentication and authorization controls. The role operates with significant autonomy and exercises independent judgment in designing and implementing security controls that protect sensitive legal and client data.
Responsibilities Include:
Identity & Access Management
- Architect, implement, and operate enterprise-grade identity and access management (IAM) solutions across cloud and SaaS platforms.
- Design and enforce Zero Trust identity controls, including MFA, conditional access, device trust, least privilege, and risk-based authentication.
- Own identity lifecycle management, including provisioning, deprovisioning, access reviews, and privileged access management (PAM).
- Secure and govern SaaS applications through SSO, federation, SCIM, and access policy enforcement.
- Lead identity hardening initiatives across Azure Entra ID (Azure AD) and other cloud identity platforms.
- Familiarity with cloud pen testing tools to address weaknesses and vulnerabilities
Cloud & SaaS Security Architecture
- Define and maintain security architecture standards for cloud (IaaS/PaaS) and SaaS environments, with a strong emphasis on identity-first design.
- Partner with IT and application owners to securely onboard new cloud and SaaS services.
- Evaluate emerging cloud and identity technologies and make recommendations aligned with firm risk tolerance and business needs.
- Provide guidance on cloud security governance, configuration standards, and secure design patterns.
Security Operations & Risk
- Identify, assess, and prioritize identity- and cloud-related vulnerabilities; validate remediation and risk acceptance decisions.
- Support incident response activities related to identity compromise, SaaS misuse, and cloud security events.
- Review higher-risk applications and integrations to ensure compliance with security policies and identity standards.
- Assist with client security assessments and due diligence requests, particularly related to identity, access controls, and cloud security posture.
Policy, Compliance & Enablement
- Develop and maintain security policies, standards, and procedures related to identity and cloud security.
- Support compliance initiatives aligned with frameworks such as ISO 27001, NIST, and client-driven security requirements.
- Contribute to security awareness efforts with a focus on authentication hygiene and access risk.