IT Security Engineer, Governance Risk & Compliance, Data Protection and Privacy Support

Orrick currently has an excellent opportunity for an IT Security Engineer, Governance Risk & Compliance (GRC), Data Protection and Privacy Support.  This position could be based in any of our U.S. offices and consideration given for 100% remote US locations.

The  IT Security Engineer, Governance Risk & Compliance (GRC), Data Protection and Privacy Support, assists the IT Security team in ensuring the firm meets its security objectives, regulatory requirements, and maintains strong data protection and privacy standards. This position supports client audits, third-party supplier security assessments, and data protection and privacy initiatives under the guidance of senior team members.

Governance, Risk & Compliance Support:

• Assist in maintaining enterprise security documents (policies, standards, baselines, guidelines, and procedures) as directed by senior staff.
• Help in testing and updating the firm's Incident Response Plan.
• Support the firm's ISO 27001 Certification program through documentation and evidence collection.
• Participate in client audits and third-party supplier security assessments by gathering information and preparing initial responses.
• Provide administrative and technical support for GRC compliance projects.

Data Protection and Privacy Support:

• Assist in implementing data protection and privacy strategies as directed by senior engineers.
• Collaborate with legal, compliance, and privacy teams to support privacy policy alignment with regulations.
• Monitor data protection measures under supervision and recommend minor improvements as identified.
• Help create training materials and support team members in delivering data protection best practices.

Cybersecurity Support:

• Maintain awareness of trends in cybersecurity, security solutions, and threat vectors.
• Assist in the deployment and configuration of security solutions, following established procedures.
• Monitor security solutions for proper operation and report issues to senior staff.
• Perform initial reviews of security logs, escalating findings as appropriate.

Operational Management:

• Ensure devices are configured per established security baselines under supervision.
• Support monitoring of security solutions for efficient operations.
• Participate in routine vulnerability assessments and security audits as directed.
• Provide basic support for end users and IT staff on security-related issues.

• 1–2 years of experience working with network security tools or in an information security support role.
• Foundational knowledge of cybersecurity, data protection, and privacy concepts.
• Experience assisting with audits or assessments preferred but not required.
• Interest in legal, financial, or business services industries is a plus.
• Basic understanding of Access Control Management and encryption concepts.
• Demonstrated project management skills: ability to coordinate tasks, track deliverables, and assist with multiple, simultaneous projects under supervision.

Formal Education & Certifications:

• Associate’s degree or Bachelor’s degree in computer science, cybersecurity, or a related field (or equivalent experience).
• Entry-level certifications such as CompTIA Security+ or Microsoft Certifications preferred but not required.

Skills & Abilities

• Willingness to learn from senior team members and adapt to new challenges.
• Good teamwork and communication skills; ability to explain technical details to non-technical audiences with guidance.
• Ability to handle shifting priorities in a dynamic environment with supervision.
• Strong organizational skills with the ability to assist in managing project timelines, deliverables, and project documentation.

Additional Requirements

• Ability to work flexible hours if needed and respond to basic security-related issues under supervision.
• May occasionally be asked to assist with multiple projects or work with vendors under direction.

Who is Orrick? Orrick is a global law firm focused on delivering innovative solutions for four sectors: Technology & Innovation, Energy & Infrastructure, Finance and Life Sciences & HealthTech. Founded more than 150 years ago in San Francisco, Orrick today has offices in 25+ markets. We are recognized globally for delivering the highest-quality legal advice and for our culture of innovation and collaboration. 

Compensation and Benefits

The expected salary range for this position is:

• New York City, Silicon Valley, and San Francisco $70,000 - $88,000
• Washington DC, Los Angeles, Orange County, Santa Monica, Sacramento, Boston, and Seattle $66,000 - $85,000
• All Other US Locations $63,000 - $80,000

Orrick is committed to providing a comprehensive, competitive, and thoughtful total compensation package to our attorneys and staff, wherever they work. This compensation and benefits information is based on the Orrick’s estimate as of the date of publication and may be modified in the future. The level of pay within the range will depend on a variety of job-related factors that may include, but not limited to, qualifications, relevant experience or education, particular skills or expertise, geography.  Other compensation may include an annual discretionary merit bonus, which would be determined by Firm and individual performance. 

We offer a full range of elective health benefits including medical, dental, vision and life; robust mental well-being programs; child, family, elder, and pet care benefits; short- and long-term disability and industry leading parental leave benefits, health savings account contributions (w/applicable medical plan), flexible spending accounts, and a 401K program. This role will receive compensated time off through our Paid Time Off program and paid holidays. 

Please visit www.orrick.com for more information about the firm.

How to Apply: If you are searching for a chance to create an impact, you have a little grit and you love working with a team, we want to talk with you. To submit your resume and cover letter for this position, please visit our Staff and Paralegal Opportunities Listings at www.orrick.com/Careers. Orrick accepts applications for this position on an ongoing basis, until filled. 

We are an Equal Opportunity Employer.

Consistent with the SF Fair Chance Ordinance, an arrest and conviction record will not automatically disqualify a qualified applicant from consideration.

Qualified applicants with criminal histories will be considered for the position in a manner consistent with the requirements of the Los Angeles Fair Chance Initiative for Hiring.

#LI-DNI