We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.

Job posting has expired

Back to search results

Infrastructure Security Engineer

Winston & Strawn LLP
United States, Texas, Houston
September 24, 2023


The Infrastructure Security Engineer will work collectively across teams in implementing and maintaining the configurations of our various physical and cloud-based systems. This position will be responsible for implementing the firm's security and risk requirements to ensure compliance. The Infrastructure Security Engineer role will reside on the infrastructure team and will report to the infrastructure manager. Required to collaborate with other infrastructure engineers (network/systems/storage/virtualization/cloud), security architect, security team, desktop architect, and various support teams to apply our security best practices.

Thorough understanding of network and security solutions, hardware, and fundamental security best practices are vital to this role.


  • Work with infrastructure and security teams to manage and maintain network firewalls and security equipment.
  • Primary point of contact and resource for security and risk related network infrastructure projects.
  • Implement, manage, and maintain the firm's endpoint security plan and authentication (NAC)
  • Troubleshoot and provide support for various infrastructure and security systems as required.
  • Work collectively with our network and security team to plan and strategize on network and security roadmaps. Study network architecture and make recommendations and identify solutions. Work in conjunction with our security team to conduct risk assessments.
  • Implement new network designs, take part in continual improvement and equipment life cycle management across our offices - globally.


  • Bachelor's Degree in Computer Science or Information Technology with 4 + years equivalent work experience required.
  • At least 5 years of experience and direct "hands-on" knowledge maintaining network equipment and information security systems required.


  • Knowledge of enterprise networks and security infrastructure. NAC, NPS, communication and internet security systems, remote access VPN, firewalls, and wireless security infrastructure.
  • Knowledge and experience with the following:
    • NAC/802.1x implementations and controls using Aruba Clearpass.
    • Palo Alto firewalls - physical and virtual in Azure
    • Meraki firewalls
    • Silverpeak SDWAN - physical and virtual in Azure
    • Cisco switching
    • Cisco Anyconnect VPN
    • Palo Alto Prisma VPN
    • Network segmentation and isolation


  • Must possess excellent communication, documentation, and interpersonal skills.
  • Strong technical knowledge across a variety of systems - integration of infrastructure and security devices with Active Directory, various MFA, and SSO systems.
  • Knowledge of LAN and WAN technologies, VPN, MPLS, ISPs, Silver Peak SD-WAN, failover, and high availability.
  • Design and implementation of various network segmentation strategies.
  • Requires after-hours, weekends and on-call work as needed.
  • Interact with all levels of management and teams within IS.
  • Ability to travel to Winston offices and or vendor locations as required.
We value diversity in the workplace. EOE/Minorities/Females/Vets/Disabled (EOE=Equal Opportunity Employer)