Sidley Austin LLP · 3 hours ago
Information Security Senior Engineer
Chicago, IL
Full-time
Hybrid
Mid, Senior Level
$120K/yr - $165K/yr
5+ years expSidley Austin LLP is a law firm that is seeking an Information Security Senior Engineer responsible for designing, implementing, and managing data governance, compliance, and information protection policies. This role involves ensuring sensitive data is appropriately classified and secured, collaborating with cross-functional teams, and contributing to the overall Data Security and Compliance Strategy.
AdviceConsultingFinanceFinancial ServicesLegal
Responsibilities
Design, configure, and maintain Microsoft Purview solutions for data classification, labeling, retention, and compliance in alignment with Firm policies and regulatory requirements
Implement and manage data security controls, including Information Protection policies, Data Loss Prevention (DLP), Insider Risk Management, and eDiscovery workflows
Implement policies to protect sensitive Client and Firm data through classification, labeling, encryption, access governance, and monitoring across Microsoft 365, Azure, and integrated environments
Work with Records Management, Data Governance IT Risk and other teams to develop, enforce, and maintain compliance policies, ensuring consistent application of regulatory, contractual, and Firm-specific data protection requirements
Build and optimize automated data governance workflows, enabling lifecycle management, secure data sharing, and defensible disposition of records in accordance with Firm strategy
Integrate Purview insights and alerts into Security Operations, incident response, and GRC processes to strengthen visibility, detection, and remediation of data-related risks
Collaborate with Records Management, Data Governance, IT, Security, Legal, and Compliance teams to design policies and processes that balance regulatory obligations, client requirements, and business operations
Monitor and respond to Purview compliance alerts, investigating potential risks such as data leakage, insider threats, or policy violations, and recommending remediation
Participate in risk assessments, audits, and compliance efforts related to data governance and regulatory frameworks (e.g., ISO 27001, GDPR, CCPA, HIPAA)
Stay current with emerging data governance technologies, compliance regulations, and best practices, ensuring the Firm continues to mature its use of Microsoft Purview capabilities
Qualification
Required
Bachelor's degree in Computer Science, Information Security, Information Governance, or a related field is required
Minimum of 5 years of experience in security engineering, compliance engineering, or data governance, with a strong focus on Microsoft 365 and Microsoft Purview solutions
Hands-on experience implementing and managing Microsoft Purview capabilities such as Information Protection, Data Loss Prevention (DLP), Insider Risk Management, Records Management, and eDiscovery
Practical knowledge of Microsoft 365 security and compliance tools. Strong PowerShell scripting experience
Strong understanding of data governance principles, regulatory compliance requirements (e.g., GDPR, CCPA, HIPAA, ISO 27001), and information lifecycle management
Demonstrated ability to assess, troubleshoot, and remediate data protection, compliance, and information governance issues in Microsoft 365 environments
Strong organizational skills
Strong attention to detail
Good judgment
Strong interpersonal communication skills
Strong analytical and problem-solving skills
Able to work harmoniously and effectively with others
Able to preserve confidentiality and exercise discretion
Able to work under pressure
Able to manage multiple projects with competing deadlines and priorities
Preferred
Relevant Microsoft certifications such as Microsoft Certified: Information Protection Administrator Associate, Security Operations Analyst Associate, or Azure Security Engineer Associate (AZ-500)
Advanced security and compliance certifications such as CISSP, CISM, CCSP, or Security+
Experience in the legal, financial services, or other highly regulated industries with strict client data governance and compliance requirements
Hands-on experience with data security and insider risk tools such as Varonis, Digital Guardian, or Cyberhaven
Familiarity with SIEM/SOAR platforms for correlating and responding to Purview alerts
Demonstrated ability to support large-scale legal hold, records management, and eDiscovery processes in global organizations
Strong knowledge of regulatory compliance frameworks such as GDPR, CCPA, HIPAA, ISO 27001, and client-driven contractual requirements
Benefits
Bonus eligibility
Comprehensive benefits program
Company
Sidley Austin LLP
Sidley is an elite global law firm.
1001-5000 employees
H1B Sponsorship
Sidley Austin LLP has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (51)
2024 (36)
2023 (17)
2022 (33)
2021 (20)
2020 (23)
Funding
Current Stage
Late StageLeadership Team
Anne Falvey
Chief Knowledge Officer
CARTER G. PHILLIPS
Partner
Recent News
2025-12-15
bloomberglaw.com
2025-12-12
Company data provided by crunchbase