Information Security Analyst III

Dechert LLP
Boston, MA
$128,000 - $160,000

About The Position

The Information Security Analyst III is a key member of the Security Operations Center (SOC) team who will be responsible for detecting and responding to security threats. The Information Security Analyst III will monitor and analyze events, identify potential security incidents, develop and enhance security controls, and ensure that appropriate actions are taken to protect the security of the organization's systems and data. The Information Security Analyst III interprets stakeholder and client security needs, assesses requirements, and identifies appropriate solutions, while ensuring clear communication of timelines and delivery expectations. This position supports and participates in all aspects of the Information Security program, in order to continue building both breadth and depth in his or her skill set.

Requirements

  • Bachelor's degree in Computer Science, Information Systems, or another related security-focused field, or equivalent work experience.
  • Minimum of 3-5 years of experience in IT security, network security, or a related experience or field.
  • High-level understanding of various IT Security standards and best practices (e.g., CIS baselines, NIST 800-53, ISO 27002 controls).
  • High-level understanding of cyberattack methodologies and techniques, system vulnerabilities and common indicators of compromise, penetration testing and threat hunting techniques.
  • High-level understanding of core security technologies like anti-malware, authentication, encryption, EDR, SIEM, and DLP.
  • Working knowledge of network and security protocols including TCP/IP, SMTP, FTP, SSH, TLS, SSL, HTTP, IPsec and other VPN protocols.
  • Experience with network, system, and application security.
  • Experience with security monitoring, incident response, and threat analysis.
  • Knowledge of security best practices and standards.
  • Familiarity with scripting and automation tools.
  • Ability to accurately reconcile technical details associated with a wide array of topics pertaining to cybersecurity and IT systems, infrastructure, and applications.
  • Excellent problem-solving and analytical skills.
  • Ability to effectively manage time-critical projects and tasks with minimal supervision.
  • Excellent communication and interpersonal skills.
  • Demonstrated awareness of how cybersecurity decisions affect broader business operations and costs, with the ability to recommend improvements that align with organizational priorities.
  • Demonstrated personal integrity, ability to handle confidential matters professionally and with discretion.
  • Sound judgment and decision-making commensurate with the position and its responsibilities.
  • The desire, commitment, and ability to be a team player.
  • Ability to manage expectations, align different points of view and gain consensus.
  • Strong analytical, process and problem-solving skills.
  • Detail oriented and organized, with an ability to track multiple efforts to completion.
  • Ability to explain technical concepts to non-technical audiences and business risk as it relates to information security.
  • Excellent time management skills to effectively manage multiple and sometimes competing priorities.
  • Ability to develop structured plans for short-term work activities and manage own time to consistently meet agreed targets across multiple concurrent security efforts.
  • Must be a fast and voracious learner.
  • Capable of being effective and calm under pressure.
  • Passionate about keeping the Firm's global technology environment safe, reliable and secure.
  • Results oriented, self-motivated and capable of performing several tasks simultaneously.
  • Professional attitude and presentation.

Nice To Haves

  • Security related certification is a plus (e.g., CompTIA Network+ and Security+, CISSP, SANS GSEC, SANS GCIH, CEH, ECIH, OSCP, PNPT, or similar).

Responsibilities

  • Function as escalation point for junior security analysts.
  • Perform in-depth threat intelligence analysis (e.g., updated detection rules, IOCs) to find attackers, identify types of attack, and pinpoint systems or data impacted.
  • Identify threats that have entered the network, and security gaps and vulnerabilities currently unknown.
  • Perform system (e.g., endpoint security solutions, firewalls, SIEM, etc.) configurations and create rules for anomaly detection or visualizations.
  • Represent IT Security on incident bridges or other security calls.
  • Perform threat hunting and recommend optimization opportunities for security monitoring tools to improve threat hunting and identification efforts.
  • Perform vulnerability assessments and penetration tests to identify weaknesses and provide data-driven remediation guidance to improve organizational resilience.
  • Review alerts, threat intelligence, and security data.
  • Monitor security events and logs from a variety of systems and networks.
  • Identify and respond to potential security incidents and threats.
  • Perform analysis and investigations with a variety of systems and network infrastructure devices, utilizing forensic data obtained from system logs, cybersecurity tools, and other data sources (e.g., threat intelligence, system logs, processes, malware files).
  • Assess impact and scope of incidents as they arise and coordinate escalation to other team members and other IT functions as appropriate.
  • Proactively implement security controls to detect security events, harden information assets, and reduce cybersecurity risk, upon direction of the Security Operations Center Lead.
  • Develop and document processes and procedures for responding to security incidents.
  • Develop and maintain security incident response plans.
  • Provide technical guidance, training, and support to other members of the security team.
  • Continuously maintain an up-to-date knowledge of security threats, vulnerabilities, and countermeasures.
  • Maintain expert-level knowledge of the operation and administration of cybersecurity applications used by the SOC.
  • Maintain knowledgebase articles, policies, procedures, processes, and other security-related documentation.
  • Generate reports to monitor cybersecurity risk.
  • Share in the representation of IT Security in non-security IT projects.
  • Identify, track, and oversee the mitigation of information security risks, internal, external and client audit findings, exceptions, waivers, and other security issues.
  • Proactively engage with stakeholders and clients to identify security requirements and deliver tailored, mutually agreed-upon solutions that align with business needs.
  • Apply knowledge of internal and external business issues and cybersecurity best practices to continuously improve security services and controls, with awareness of associated costs and resource implications.
  • Contribute to the identification of cost-effective security solutions that balance risk reduction with operational efficiency.
  • Develop and manage short-term work plans for security activities within the SOC, ensuring tasks are organized, prioritized, and completed in line with agreed targets and timelines.
  • Perform any and all other duties as necessary and as assigned for efficient functioning of the Department, Office, and Firm.