This position is ideal for an experienced professional with a strong background in IT security who understands how to translate policies into practice and is committed to ensuring the confidentiality and integrity of our data. Being familiar with the legal sector is a bonus.

About the role

As an IT Security Engineer, you will be part of the ICT team and contribute to the ongoing security measures that protect our sensitive legal information. Reporting directly to the CIO and to the CISO, the IT Security Engineer plays a crucial role in maintaining and enhancing the firm's cybersecurity strategy.

The role consists of four main tasks:

Security infrastructure management

• Implement, manage, and maintain security infrastructure, including firewalls, intrusion detection/prevention systems, and endpoint protection solutions.
• Conduct regular security assessments to identify vulnerabilities and recommend corrective actions.

Incident response

• Collaborate with the CISO in developing and implementing an effective incident response plan.
• Respond to and mitigate security incidents, conducting thorough post-incident analyses.

Security Policies and Procedures

• Assist in developing and enforcing IT security policies, standards, and procedures.
• Ensure compliance with relevant legal and regulatory requirements.

Security awareness training

• Contribute to the design and delivery of security awareness training programmes for employees.
• Keep staff informed about latest cybersecurity threats and best practices.
• Monitor and assess vulnerabilities in the firm's IT environment and coordinate timely application of security patches and updates.
• Monitor and assess role management, configuration, and privileged access.

Collaboration and reporting

• Collaborate with cross-functional IT teams to integrate security best practices into daily operations.
• Provide regular reports on the status of security measures to the CIO and CISO
• Conduct security and compliance audits.
• Participate in internal and external security audits.
• Ensure compliance with industry standards and regulations.

Who are you

The ideal candidate for this position has the following qualifications:

• Bachelor's degree in information technology, cybersecurity, or a related field
• 5+ years' experience in IT security, with a focus on cybersecurity within legal or professional service environments
• Strong understanding of information security principles, risk management and regulatory compliance
• Knowledge of security technologies, including firewalls, intrusion detection/prevention systems and endpoint security solutions
• Understanding of the Microsoft eco-system, including F5
• Experience in translating policies and guidelines into practice.
• Relevant certifications, such as CISSP, CISM or equivalent
• Excellent communication and interpersonal skills
• Ability to work independently and collaboratively in a fast-paced environment.
• Fluency in Dutch and English

About us

De Brauw Blackstone Westbroek is an international law firm, with a long history in the Netherlands. De Brauw specialises in high-end legal advice in complex cases.