Technology Cyber Security Architect

Position Summary Cooley Technology embraces a culture of customer service excellence, and all members of the department are expected to move this agenda forward. The Cyber Security Architect will maintain and monitor the security practices and systems implemented by the firm and proactively identify and mitigate cyber threats, focusing on emerging technologies and AI security. Responsibilities Design and maintain enterprise security architecture across on-premises, hybrid, and AI-enabled environments. Define security standards, patterns, and reference architectures aligned with business objectives and regulatory requirements. Conduct security architecture reviews for new systems, applications, AI/ML platforms, and major technology changes. Partner with engineering, infrastructure, DevOps, and data teams to embed security, privacy, and governance into system design and delivery. Design security controls for AI and ML systems, including data pipelines, model training environments, inference platforms, and AI integrations. Identify and mitigate risks related to AI systems, such as data leakage, model poisoning, prompt injection, and adversarial attacks. Evaluate and recommend security tools, platforms, and AI-enabled security technologies. Ensure architectures comply with applicable legal, regulatory, and industry frameworks (e.g., NIST, ISO27001, SOC2, GDPR, emerging AI regulations). Establish guardrails for responsible and secure use of generative AI and large language models, including access controls, monitoring, logging, and auditability. Support incident response, forensic investigations, and post‑incident architecture improvements. Provide guidance and mentorship to security engineers and other technical stakeholders. Communicate architectural decisions and security risks clearly to technical and non‑technical audiences, including senior leadership. Participate in a 7x24 on‑call rotation. Perform other duties as assigned or required. Qualifications 3+ years direct applicable experience in cybersecurity, infrastructure, or systems architecture (senior candidates with 5+ years considered). Strong knowledge of network security, identity and access management (IAM), encryption, and endpoint security. Ability to translate business requirements into secure technical designs. Extensive experience configuring security controls and securely migrating enterprise applications. Experience implementing security tools and architecture such as Access Controls, Data Loss Prevention (DLP), Web Application Firewalls (WAF), Secure SDLC and Software Security, Firewalls, Anti‑malware and anomaly detection controls, data encryption in transit and at rest, network security, and monitoring. Proficiency in Microsoft Office suite, iManage, and other firm applications. Availability to work extended and/or weekend hours and to travel as required. Bachelor’s Degree in Information Technology, Computer Science, Information Security, or related discipline (preferred). Familiarity with security frameworks and best practices such as NIST CSF, Mitre ATT&CK, Zero Trust, OWASP, and emerging AI regulations. Knowledge of enterprise security controls (Firewall, Proxy, AV, SIEM, etc.). Experience with incident response procedures and securing AI‑enabled applications, including data access controls, model integration, and API security. Experience applying security frameworks to emerging technologies, including AI and automation platforms. Leadership experience in guiding and developing technical teams. Understanding of security regulations such as the ISO27000 family of standards and the systems development life cycle (SDLC). Demonstrated ability to translate business requirements into architectural deliverables and technical specifications. Strong communication skills for presenting technical information to business clients and less experienced technologists. Professional certifications such as CISSP, CISM, or equivalent (preferred). Experience with CI/CD pipelines and cloud architecture or security certifications (AWS, Azure, GCP). Additional cloud security certifications (CCSP, CCSK, etc.) are a plus. Benefits Annual pay range: $120,000 – $175,000 (dependent on location, experience, and skill set). Medical, dental, vision, health savings account, dependent care flexible spending accounts, pre‑tax commuter benefits, life insurance, AD&D, long‑term care coverage, backup care for children and/or adults. Firm‑paid life insurance, AD&D, LTD, short‑term medical benefits. 21 days of paid time off (PTO) and 10 paid holidays each year. Generous parental leave and fertility benefits. Comprehensive benefit orientation for new employees. Cooley offers a competitive compensation and excellent benefits package and is committed to fair and equitable employment practices. EOE. #J-18808-Ljbffr