The Information Security Analyst position is an additional position within the firm’s Information Security team. This position will help meet increased internal and client information security demands and growing compliance needs. Currently, the Information Security team is comprised of two full time positions responsible for security at the firm. Internal and client demands have risen dramatically over the last sixteen months as new client requirements, internal technologies, and certifications have expanded in scope. Additional compliance requirements centered on privacy are also a major area of growth. This position is critical to maintain the firm’s information security standing with clients and industry as a whole.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Completing client audit requests to ensure firm compliance, these requests have doubled within the last year
Expand security auditing and ensuring the proper ongoing operations of security tools
Providing internal information security for other business and IT projects. This includes identifying, documenting and implementing secure configurations and architectures.
Oversee information security processes and implementation of policies.
Responsible for security metrics on a monthly basis to ensure the proper service levels are maintained.
Provides additional coverage for approvals and notifications to other IT groups for critical time sensitive operations including firewall changes, password reset approvals, and application vetting.
Ongoing reviews of access controls by investigating improper access; revoking access; reporting violations; monitoring requests; recommending improvements
Provides technical leadership for incident response capabilities including malware analysis, breach investigation, and remediation efforts.
Provide internal consulting on Privacy matters including GDPR
ADDITIONAL DUTIES AND RESPONSIBILTIES:
Maintains awareness of industry trends and their advantages with the ability to make recommendations for improving technology used by the firm.
Assists in negotiations of software licensing and support agreements.
Participates in and/or manages cross-functional team projects to implement new or updated technology.
Cross-trains other IT staff in the use or maintenance of technology.
Effectively manages medium projects.
Displays professionalism, quality service and a "can do" attitude to internal members/departments of the Firm as well as external clients and vendors via electronic and print correspondence, over the telephone and in-person.
Provides information security knowledge transfer to other IT staff and business
Assumes additional responsibilities as assigned.
KNOWLEDGE, SKILLS AND COMPETENCIES:
Expert knowledge in IT Security frameworks and solutions.
Active participation in IT Security Forums inside/outside of the Legal Industry.
Excellent technical communication skills with a strong desire to achieve customer satisfaction; must be able to communicate effectively across entire organizations.
Operating knowledge of security configurations with respect to one or more of the following security products
Minimum of 5 years’ experience working in the capacity of an Information Security Analyst
CISSP or equivalent preferred
WORKING CONDITIONS/PHYSICAL REQUIREMENTS: Physical attributes an employee must have in order to perform the essential function of a job with or without a reasonable accommodation e.g. sit for extended periods of time, ability to lift 10 lbs.; how much travel should an employee expect with this job; type of environment associated with job e.g. indoor/outdoor.