Senior Information Security Analyst

About The Position

Requirements

• Proficient in both verbal and written communication, with the ability to convey technical information to non-technical audiences.
• Strong analytical abilities with a keen attention to detail, essential for identifying and addressing security events.
• Skilled in identifying, triaging, and analyzing security events using Security Information and Event Management systems.
• Deep understanding of incident response processes and methodologies.
• Familiarity with scripting languages to automate security operations and enhance the incident response process.
• Demonstrated understanding of the methodologies used by attackers, which supports proactive defense measures.
• Solid grasp of intrusion detection systems, AI-based attack detection and prevention strategies, and SOC (Security Operations Center) operations.
• Knowledge of cloud infrastructure and security considerations in a cloud environment.
• Familiarity with core infrastructure components such as DNS, Active Directory, and Exchange.
• Bachelor's Degree in Information Security, Cybersecurity or similar fields
• 7 years of experience working within Cybersecurity field
• Effectively communicate, verbally and in writing, with clients, lawyers, business professionals, and third parties;
• Produce deliverables, answer phone calls, and reply to correspondence in an efficient and responsive manner;
• Provide timely, accurate, and quality work product;
• Successfully meet deadlines, expectations, and perform work duties as required;
• Foster positive work relationships;
• Comply with all firm policies and practices;
• Engage in both physical and sedentary activity, such as (a) working at a computer for extended periods of time, including on-screen reading and typing; (b) participating in digital/virtual conference calls; (c) participating in meetings as needed;
• Ability to work under pressure and manage competing demands in a fast-paced environment;
• Perform all other duties, tasks or projects as assigned.

Nice To Haves

• Prior experience with security tools like Microsoft Defender, CrowdStrike, and Palo Alto Networks is desirable.
• Experience in professional services sectors such as legal, finance, or consulting is preferred.
• Master's Degree in Information Security, Cybersecurity or similar fields
• Professional-level industry certification (e.g. CISSP, GIAC, SANS, etc.) preferred

Responsibilities

• Mentoring and guiding Information Security Analysts.
• Responsible for evaluating the effectiveness of and improving various information security program functions at the Firm.
• Reviewing Security Incident and Event Management (SIEM) systems, which includes regularly reporting of metrics and summaries regarding ongoing investigations and ticket tracking.
• Performing alert triage, which involves investigating and analyzing security incidents, identifying root causes, and developing appropriate mitigation strategies.
• Ensuring effective Endpoint Threat Detection, including EDR capabilities, traditional antivirus, asset management, and familiarity with baseline and configuration management tools.
• Managing Next Generation Firewalls and/or Intrusion Detection/Prevention Systems (IDS/IPS).
• Engaging in Threat Hunting and utilizing Threat Intelligence.
• Utilizing malware sandbox technologies and interpreting the results.
• Overseeing Incident Response tools, processes, and capabilities.
• Possessing experience or a deep understanding of vulnerability and configuration management.
• Conducting independent project work.
• Provides leadership to and manages a team of business professionals to include coaching, mentoring and professional development.
• Responsible for providing performance feedback on a regular basis.

Benefits

• medical/dental/vision insurance
• 401(k)