Job Details

Legal Staff Paralegal in New York City NY

Organization Type

Law Firm

Job Type

Legal Staff

Posted on

Jul 11,2019

Years of Experience

3-5 yrs required

Location

New York City, NY, United States
Practice Area
Data Privacy >> Data Privacy
Information Technology >> Information Technology
Apply for this job
 
Your Email:
Upload Resume:

 

Profile

Senior Security Analyst
Duties: Reporting to the Information Security Director, the Senior Information Security Analyst works alongside three additional Senior Security Analysts and the Information Security Manager. Collectively, this team is responsible for the ongoing operation of the Firm’s information security program. Act as the primary resource/lead for at least 2 of the Firm’s security platforms (Palo Alto Firewalls, FireEye HX, Symantec EP, CyberArk, Splunk, Varonis, Vectra, Forescout, Forcepoint, Illumio, and others) including design, implementation, and maintenance of those platforms. Act as a backup resource for other security platforms in use by the Firm, developing a working knowledge the comprehensive security architecture in order to support those technologies when needed, as well as integrate one’s area of responsibility creatively and effectively. Develop scripts using Python, Powershell, Splunk Processing Language (SPL) or other scripting language to automate mundane or time-intensive tasks. Integrate these automation scripts into the security architecture in a transparent and supportable way to augment the teams current abilities. Perform front line security incident response as a member of a 4 person on call rotation. Using the Firm’s established processes and procedures, provide timely investigation and resolution to all suspicious email reports, malware instances, and other security events. Develop automation scripts to assist in the team’s incident response effort. Using established processes, conduct detailed, written security reviews for vendors, projects, and technologies. The security review process includes conducting initial intake interviews with stakeholders, researching and performing due diligence, using third party risk management tools, conducting risk assessments, and presenting final recommendations for moving forward in a secure manner. Throughout the system development lifecycle (SDLC), assess and review the Firm’s current technology infrastructure to identify key risk areas, ensuring that adequate controls are in place to address those risks. Take a lead position to research specific security technologies and controls as requested by senior management. Lead efforts to improve cyber threat intelligence (CTI) gathering, analysis, and management. As assigned, conduct periodic scheduled processes and procedures such as running vulnerability scans, and periodic privileged access reviews. Maintain operational responsibility for the information security team’s ticketing queue, primarily relating to the evaluating and managing tickets requesting policy exceptions. Offer insights and collaborate within the team to provide input to strategic and tactical planning, initiatives, and projects.

Qualification and Experience

Qualifications: Four year degree in computer science or related field, or the equivalent work experience. Information Security certifications are considered a plus (CISSP, CISA, CEH, GSEC, OSCP, CRISC, Palo Alto, Cisco, Splunk, and others). Non-security certifications in Cisco, Microsoft, and Cloud considered. 3-5 years of experience in an information technology security role, or equivalent work experience in other areas of the broader Information Technology field. Strong scripting abilities preferred. A highly technical and expertise in at least some of the following is required: Next generation firewalls (Palo Alto) and endpoint tools (FireEye, Symantec), web proxies (Forcepoint), ethical hacking, email firewalls (Proofpoint), SIEMs (Splunk), threat analysis tools, vulnerability scanners, authentication, encryption, authorization, continuous auditing tools/techniques, network segmentation, access control, privileged account management, or other information security tools. Deep understanding of networking and operating systems concepts considered very important. This role requires diligent adherence to specified processes and procedures with a professional and consistent end product. Experience managing and leading security projects, including defining requirements, developing project plans, and delivering results Excellent oral and written communication skills. Strong organizational skills to handle multiple priorities.

Company info

Apply Now

Similar Jobs:

Paralegal Duties : Will learn how to file and manage cases in federal and state courts throughout t...
Paralegal The candidate should preferably be able to docket and schedule events, perform data entry...
Paralegal The candidate should have ability to prioritize and multitask. Excellent written and verb...