Sr. Information Security Analyst

Overview

The Senior Information Security Analyst is a hands-on position that requires a high level of technical expertise and security knowledge. The person in this role will be responsible for identifying and mitigating potential security incidents and alerts, day-to-day administration of information security tools, assessing the firm’s security practices and configurations, and promoting security awareness across the firm. The person in this position must be comfortable interacting with all levels of firm personnel and must have excellent written and verbal communication skills.

McGuireWoods LLP, with offices in the United States and Europe, is a full-service firm providing legal and public affairs solutions to corporate, individual and nonprofit clients worldwide for more than 200 years collectively. Along with excellent benefits, McGuireWoods offers most employees a hybrid remote option allowing flexibility and work-life balance. For more information, please visit . California residents have special rights with respect to personal information. If you are a California resident applying for a position at McGuireWoods, describes your rights and personal information the firm collects.

Responsibilities

• Incident Response
• Participate in and lead Security Incident Response Teams, as needed.
• Lead troubleshooting effort on all security related problems.
• Provide on-going communications to staff on potential threats to the information security environment and mitigation steps.
• Training
• Participate in the delivery of a firm-wide security awareness program.
• Assessments/Audits
• Assess system and network vulnerabilities and work with responsible groups to address them.
• Respond to audit findings and present remediation steps to management.
• Conduct formal risk assessment reviews to determine the critical points of business exposure.
• Analyze security violation reports for suspicious activities and patterns.
• Security Operations
• Review and monitor firewall, end-point protection, IDS, data loss prevention, vulnerability assessment, and system logs and investigate trends as needed.
• Administer day-to-day operations of security controls, including end-point protection, data loss prevention, two-factor authentication, vulnerability assessment, and web filtering systems.
• Lead firm-wide security patching process.
• Product/Service Evaluation
• Evaluate and recommend security products and services. Represent the firm with outside vendors / organizations and recommend new products/technology to improve security and address business needs.

Qualifications

• Bachelor’s Degree in Information Technology or Computer Information Systems preferred.
• Must have a minimum of three years of relevant experience.
• CISSP and/or CISA certification strongly preferred.
• Prior experience in a law firm environment preferred.
• Demonstrated knowledge and experience with various network protocols, common security tools and security methodologies.
• Ability to balance security requirements with business objectives and the firm’s level of risk tolerance.

Have more questions? Connect with a directl y. #LI-KB1

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share