Morgan & Morgan, P.A.

Senior Security Engineer

Morgan & Morgan, P.A.  •  Orlando, FL / Tampa, FL (Onsite)  •  24 days ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

At Morgan & Morgan, the work we do matters. For millions of Americans, we’re their last line of defense against insurance companies, large corporations or defective goods. From attorneys in all 50 states, to client support staff, creative marketing to operations teams, every member of our firm has a key role to play in the winning fight for consumer rights. Our over 6,000 employees are all united by one mission: For the People.

Senior Security Engineer

Location: Orlando, FL or Tampa, FL (Onsite, Full-Time)

Work Arrangement This is an in-office position, open to local candidates only.

About the Role

Our firm is a large, multi-state law practice with a sophisticated technology environment and a deep responsibility to protect highly sensitive client and matter data. We are seeking a Senior Security Engineer to strengthen and mature our Microsoft-centered security program. This is a hands-on engineering role for someone who thrives on threat detection, tenant hardening, identity modernization, and security automation—and who can clearly communicate risk and remediation to both technical teams and firm leadership.

Key Responsibilities

Detection and Response

  • Engineer, tune, and operate detections and response workflows across Microsoft Defender XDR and Microsoft Sentinel, including authoring and optimizing KQL queries, analytics rules, workbooks, and hunting content.

Tenant and Endpoint Hardening

  • Lead and execute M365 tenant hardening initiatives across the E5 stack, establishing and maintaining secure baselines and configuration standards.
  • Administer and harden endpoint security through Microsoft Defender for Endpoint and Intune, including device compliance, configuration profiles, and attack surface reduction.

Security Automation and Vulnerability Management

  • Build and maintain security automation (e.g., Logic Apps, automation rules/playbooks, PowerShell, Azure Functions) to reduce manual effort and accelerate response.
  • Own vulnerability assessment and remediation tracking, partnering with IT and infrastructure teams to close gaps.

Cloud, Identity, and Data Governance

  • Secure and govern Azure infrastructure, applying cloud security best practices across resources and workloads.
  • Configure and manage Microsoft Purview for data governance, information protection, data loss prevention, insider risk, and compliance.
  • Strengthen identity and access management (IAM) practices firm-wide, including least-privilege enforcement and access reviews.

AI Security and Documentation

  • Secure and govern AI and AI agents across the firm, addressing data exposure, identity and access for agents, acceptable-use controls, and the confidentiality and privilege concerns unique to a legal environment.
  • Document standards, procedures, and runbooks; communicate security posture, incidents, and recommendations clearly to technical staff and firm leadership.
  • Manage application security assessments and lifecycle oversight to retire applications that are inactive or pose security risks.

Qualifications

  • Strong hands-on expertise across: Defender XDR enterprise defense suite and Microsoft Sentinel with proficient KQL; M365 tenant hardening (Entra ID, Exchange, Teams, SharePoint); Azure infrastructure security; security automation (SOAR); Entra ID and Conditional Access; vulnerability assessment; Defender for Endpoint, Intune, Application Control; and Microsoft Purview (DSPM, IP, DLP, IRM, DLM, AI).
  • Strong technical, organizational, time-management, and communication skills.
  • Participate in scheduled after-hours changes as needed.

Education and Experience

  • Experience at a law firm or in a similarly regulated, confidentiality-driven environment.
  • Demonstrated experience securing AWS and/or GCP environments in enterprise settings.
  • Experience designing and implementing security controls for AI and agent-based workloads.
  • 4–7+ years of experience as a Security Engineer at a large, multi-state organization.

#LI-MB1

Benefits

Morgan & Morgan is a leading personal injury law firm dedicated to protecting the people, not the powerful. This success starts with our staff. For full-time employees, we offer an excellent benefits package including medical and dental insurance, 401(k) plan, paid time off and paid holidays.

Equal Opportunity Statement

Morgan & Morgan provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

E-Verify

This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. If E-Verify cannot confirm that you are authorized to work, this employer is required to give you written instructions and an opportunity to contact Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you, including terminating your employment. Employers can only use E-Verify once you have accepted a job offer and completed the I-9 Form.

Privacy Policy

Here is a link to Morgan & Morgan's privacy policy.

Morgan & Morgan, P.A.

About Morgan & Morgan, P.A.

John Morgan became a lawyer with a simple mission: To fight for the people, and not the powerful. After experiencing firsthand the perils of choosing the wrong lawyer and representation after his brother Tim was paralyzed, he dedicated his life to helping people so that no one should ever have to go through what his family endured.

Tim was just a teenager when he was working as a lifeguard at Disney World when he suffered a spinal injury that left him confined to a wheelchair for the rest of his life. The Morgans made a life altering decision and they hired the wrong lawyer, who was by no means qualified to take on such a large corporation and their army of lawyers. As a result, Tim never got the compensation he deserved.

This experience left John outraged and determined to level the playing field for all people who, like his brother Tim, were injured or mistreated by big and powerful corporations. John decided to become a lawyer, and the rest is history.

Since 1988, Morgan & Morgan has been fighting for the people. Every client who walks through our doors is treated the same way John wished his family would have been treated all those years ago. No one, no matter who they are, or where they’re from, should ever feel powerless when fighting for the justice and compensation they deserve.

With $25 Billion dollars recovered for our clients, offices across 50 states + Washington D.C. and an army of over 1,000 attorneys - we are everywhere for everyone.

All law firms are not the same. There’s only one Morgan & Morgan.

Industry
Legal & Compliance
Company Size
5,001-10,000 employees
Headquarters
Orlando, FL
Year Founded
1988
Social Media