COMPANY OVERVIEW – ABOUT ARCHER

ARCHER Systems is a leading technology-enabled legal services company that provides pre-settlement and post-settlement administration services for single event, mass tort, and class action cases with the goal of helping claimants access their settlement proceeds more efficiently and quickly. The company plans to continue leveraging technology and top-tier talent to enhance customer service and offer new product lines and services.

ARCHER’s core offering is post-settlement Healthcare Lien Resolution Administration and QSF (Qualified Settlement Fund) Administration and payments processing for multi-claimant (mass tort and class action) litigation. Other services include claims administration, single event lien resolution, probate and bankruptcy coordination, release administration, medical records review, and plaintiff fact sheet and other intake/census preparation and management. ARCHER enables law firms to focus on their litigation while ensuring that critical pre-settlement and post-settlement administration documents, services, business analytics and reporting are handled efficiently and effectively.

POSITION SUMMARY:

The Lead Security Engineer is responsible for architecting, implementing, and governing ARCHER’s enterprise security controls across hybrid environments. Reporting to the Associate Director IT and working closely with the Sr. Director, Infrastructure & Security, this role provides hands-on technical leadership while guiding a team of security engineers in the execution of security operations, architecture, monitoring, identity security, and compliance initiatives.

This position will play a key role in advancing ARCHER’s Zero Trust strategy, strengthening enterprise defenses, and ensuring alignment with regulatory and governance frameworks such as SOC 2, NIST, and ISO 27001.

JOB RESPONSIBILITIES:

Security Architecture & Engineering
• Lead the design and implementation of enterprise security architecture across on-prem and cloud environments.
• Architect secure Azure/AWS configurations, including IAM, network controls, and cloud-native security tooling.
• Review and optimize Network Firewall/Switch deployments to establish least-privilege network access.

Threat Detection, Monitoring & Response
• Manage Microsoft NDR/XDR platforms, ensuring effective alerting, tuning, and mitigation workflows.
• Oversee SIEM operations (Sumo Logic), including correlation rules, dashboards, and incident triage.
• Serve as Level 3 escalation for complex security incidents.

Identity, Access & Zero Trust
• Design and implement secure identity strategies using Microsoft Entra ID.
• Govern MFA, SAML, OIDC, RBAC, and Zero Trust policies across the enterprise.

Email Security & User Protection
• Manage DMARC, SPF, DKIM enforcement and email threat protection programs.
• Lead phishing simulation and user awareness programs.

Governance, Compliance & Risk Management
• Maintain security policies, playbooks, and procedures aligned to SOC 2, NIST, ISO 27001.
• Lead SOC 2 audits, evidence collection, and remediation tasks.
• Conduct vulnerability assessments, risk reviews, and remediation oversight.

Leadership & Cross-Functional Collaboration
• Supervise, mentor, and guide a team of security engineers.
• Partner with Infrastructure, Cloud, DevOps, and AppDev teams to embed security into system design and processes.
• Present executive-level reporting on security posture and risk.

KNOWLEDGE, SKILLS, ABILITIES AND RESPONSIBILITIES:

Education and Experience
• Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field, or equivalent hands-on experience.
• 8–10 years of experience in cybersecurity engineering, including securing hybrid cloud and on-premises environments.
• Minimum 2–3 years leading, supervising, or mentoring a technical security engineering team.
• Experience working with SOC 2, NIST, or ISO 27001 frameworks.
• Master’s degree or security leadership certifications are a plus.

Technical Skills
• Expert-level knowledge of network security technologies, including firewalls, VPN solutions, intrusion detection/prevention systems, and secure network architecture principles.
• Strong hands-on experience securing Azure and AWS cloud environments, including IAM, network controls, and cloud-native security tools.
• Deep expertise with Microsoft Defender NDR/XDR technologies (Defender for Endpoint, Identity, Cloud).
• Operational experience with Sumo Logic or similar SIEM platforms, including log ingestion, correlation, and alert tuning.
• Strong understanding of identity security, MFA, SAML, OIDC, RBAC, and Zero Trust architectures.
• Practical experience implementing DMARC, SPF, DKIM, and email threat protection technologies.
• Thorough knowledge of NIST, ISO 27001, SOC 2 Trust Services Criteria, and security governance best practices.
• Scripting/automation experience (PowerShell, Python) is preferred.

Leadership and Communication
• Demonstrated success leading and developing high-performing security engineering teams.
• Ability to translate complex security risks, architecture considerations, and technical issues into clear communications for executives and non-technical stakeholders.
• Proven ability to manage cross-functional relationships, build consensus, and influence security adoption across engineering, cloud, infrastructure, and application teams.
• Strong experience conducting design reviews, leading incident response efforts, and enforcing best practices across distributed environments.

Preferred Qualifications
• Experience working in environments handling sensitive data such as PHI/PII, healthcare, or legal service industry contexts.
• Experience maturing SOC 2, NIST, or ISO-aligned security governance programs.
• Background implementing or optimizing Zero Trust architectures.
• Certifications such as PCNSE, CISSP, SC-100, AZ-500, AWS Security Specialty, or SOC 2/NIST/ISO Lead Implementer.

Job Title
Lead Security Engineer