cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Viewer

Security Analyst position open at Goodwin Procter

The Information Security Analyst position is an additional position within the firm’s Information Security team. This position will help meet increased internal and client information security demands and growing compliance needs. Currently, the Information Security team is comprised of two full time positions responsible for security at the firm. Internal and client demands have risen dramatically over the last sixteen months as new client requirements, internal technologies, and certifications have expanded in scope. Additional compliance requirements centered on privacy are also a major area of growth. This position is critical to maintain the firm’s information security standing with clients and industry as a whole.

 

 

ESSENTIAL DUTIES AND RESPONSIBILITIES:

  • Completing client audit requests to ensure firm compliance, these requests have doubled within the last year
  • Expand security auditing and ensuring the proper ongoing operations of security tools
  • Providing internal information security for other business and IT projects.  This includes identifying, documenting and implementing secure configurations and architectures.
  • Oversee information security processes and implementation of policies.
  • Responsible for security metrics on a monthly basis to ensure the proper service levels are maintained.
  • Provides additional coverage for approvals and notifications to other IT groups for critical time sensitive operations including firewall changes, password reset approvals, and application vetting.
  • Ongoing reviews of access controls by investigating improper access; revoking access; reporting violations; monitoring requests; recommending improvements
  • Provides technical leadership for incident response capabilities including malware analysis, breach investigation, and remediation efforts.
  • Provide internal consulting on Privacy matters including GDPR

     

     

    ADDITIONAL DUTIES AND RESPONSIBILTIES

  • Maintains awareness of industry trends and their advantages with the ability to make recommendations for improving technology used by the firm.
  • Assists in negotiations of software licensing and support agreements.
  • Participates in and/or manages cross-functional team projects to implement new or updated technology.
  • Cross-trains other IT staff in the use or maintenance of technology.
  • Effectively manages medium projects.
  • Displays professionalism, quality service and a "can do" attitude to internal members/departments of the Firm as well as external clients and vendors via electronic and print correspondence, over the telephone and in-person.
  • Provides information security knowledge transfer to other IT staff and business
  • Assumes additional responsibilities as assigned.

 

KNOWLEDGE, SKILLS AND COMPETENCIES:

  • Expert knowledge in IT Security frameworks and solutions.
  • Active participation in IT Security Forums inside/outside of the Legal Industry.
  • Excellent technical communication skills with a strong desire to achieve customer satisfaction; must be able to communicate effectively across entire organizations.
  • Operating knowledge of security configurations with respect to one or more of the following security products
  • SIEM: Splunk, IBM QRadar, HP Arcsight
  • Endpoint Security: Carbon Black, Symantec, Beyond Trust
  • Firewalls: Palo Alto Networks, Cisco, McAfee, Checkpoint
  • IDS/IPS: Palo Alto Networks, Cisco, FireEye
  • NAC: Cisco, Aruba
  • Operating knowledge of security issues associated with one or more of the following network platforms and related Edge devices: Cisco, Nexus,  Checkpoint, Aruba, Riverbed
  • Strong security knowledge of O/S (desktop and server) Security – Windows, Linux.
  • Strong security knowledge of browser security issues (IE, Safari, Chrome).
  • Ability to learn new technologies and security features.
  • Knowledge of Windows and Unix (Linux) operating systems.
  • Excellent analytical, problem solving and troubleshooting skills.
  • Excellent organizational, interpersonal, communication and customer service skills.
  • Knowledge of ITIL Service Management principles.

     

    EDUCATIONAL QUALIFICATIONS/JOB EXPERIENCE REQUIREMENTS:

    Bachelor’s Degree or equivalent.

    Minimum of 5 years’ experience working in the capacity of an Information Security Analyst

    CISSP or equivalent preferred

     

WORKING CONDITIONS/PHYSICAL REQUIREMENTS: Physical attributes an employee must have in order to perform the essential function of a job with or without a reasonable accommodation e.g. sit for extended periods of time, ability to lift 10 lbs.; how much travel should an employee expect with this job; type of environment associated with job e.g. indoor/outdoor.

  • Physical requirements:
  • Travel: 1 week per quarter
  • Environment: office

To apply: https://goodwinprocter.wd5.myworkdayjobs.com/External_Careers/job/Boston/Security-Analyst_R00214