Legal Staff Information Technology in Los Angeles, CA

Law Firm

Los Angeles, CA

Legal Staff Information Technology in Los Angeles, CA

Legal Staff

No

Job Title: Security Analyst

Job Responsibilities:
- Security Monitoring: The Security Analyst is responsible for daily hands-on activities to identify, analyze, and mitigate threats to the organization's internal IT systems and networks. This includes performing threat hunting and log reviews to identify indicators of compromise in logs and alerts from various security tools, such as firewalls, intrusion detection systems, and SIEM. The analyst will analyze suspicious activity, investigate potential security breaches, and escalate critical security issues to senior engineers.

- Email and Web Filtering: The analyst will adjust email and web filtering tools to reduce malware and phishing attacks, as well as configure and troubleshoot security infrastructure devices like intrusion detection systems and antivirus software.

- Vulnerability Management: The role involves performing vulnerability scans on systems and networks to identify potential weaknesses, analyzing scan results, and prioritizing vulnerabilities based on risk level. The analyst will also participate in remediation efforts by coordinating with system owners to patch vulnerabilities under the guidance of senior engineers.

- Security Policy Implementation: The analyst will participate in the enforcement of security policies and procedures, ensuring compliance with industry security standards and regulations. They will also ensure the proper usage of elevated accounts and adhere to stringent security standards, policies, and procedures for IT infrastructure and third-party vendors.

- Documentation and Support: The analyst is required to prepare and maintain documentation for standard operating procedures and security protocols. They will provide support, administration, and maintenance necessary to ensure effective and efficient IT system performance and security. The role involves working closely with IT teams and other stakeholders to ensure security measures are understood and implemented effectively. The analyst will support other teams and management with security concerns.

- Security Assessments: The analyst will conduct security assessments on new systems and applications, assist with penetration testing activities, and work with approved external security vendors to conduct penetration and vulnerability testing. They will regularly perform security audits to identify vulnerabilities and ensure compliance with security policies.

- Incident Response: The analyst will participate in incident response activities by assisting with containment, eradication, and recovery procedures. They will document and report on security incidents in close collaboration with senior engineers.

- Technical Skills Development: Staying updated on the latest cybersecurity threats and vulnerabilities is essential. The analyst will participate in the legal security community and information security feeds, learn about security tools and technologies, and demonstrate proficiency in scripting languages for security automation. They will also retain and acquire additional security-related certificates.

Education and Experience Information:
- A BA/BS Degree or higher in an Information Systems discipline is required.
- Knowledge of ISO 27001 is preferred.
- Security certifications from ISC2, GIAC, CompTIA, and others are desirable.
- The candidate should have knowledge of security principles and best practices, understanding of IT Security in a Microsoft environment, and network protocols, firewalls, VPNs, and intrusion detection/prevention systems.
- Knowledge of encryption algorithms and secure communication methods is necessary.
- The candidate should be familiar with Email Security and web browsing security tools.
- Experience with security tools such as antivirus software, SIEM systems, and vulnerability scanners is required.
- Knowledge of using SAML/ADFS/MFA is preferred.
- Proficiency with Microsoft Office is required.
- Excellent oral and written communication skills are necessary.
- The candidate must be able to interface with all levels of firm management and staff and work with limited supervision.
- The ability to work independently as well as thrive in a team-oriented environment is essential.
- The candidate must be able to commute to the office location from Tuesday through Thursday weekly.

Salary Information:
The base annual pay range for the Security Analyst role is $75,000 - $90,000. The base pay offered will vary depending on the candidate's skills, qualifications, experience, and location. It will also take into account internal equity. A full range of medical, financial, and/or other benefits dependent on the position will also be offered.

Equal Employment Opportunity Statement:
The law firm is an equal opportunity employer, dedicated to a policy of non-discrimination in employment on any basis including race, color, physical or mental disability, religion, creed, national origin, citizenship status, ancestry, sex or gender (including gender identity, gender expression, status as a transgender or transsexual individual, pregnancy, childbirth, or related medical conditions), age (over 40), genetic information, past, current, or prospective service in the uniformed services, sexual orientation, political activity or affiliation, genetic or any other protected classes or characteristics protected under applicable federal, state, or local law. Consistent with the Americans with Disabilities Act, applicants may request accommodations needed to participate in the application process.

Work Authorization Information:
This employer will provide the Social Security Administration and, if necessary, the Department of Homeland Security, with information from each new employee’s Form I-9 to confirm work authorization. If the government cannot confirm that a candidate is authorized to work, the employer is required to provide written instructions and an opportunity to contact SSA and/or DHS before taking adverse action against the candidate, including terminating employment. Employers may not use E-Verify to pre-screen job applicants or to re-verify current employees and may not limit or influence the choice of documents presented for use on the Form I-9. To determine whether Form I-9 documentation is valid, this employer uses E-Verify’s photo screening tool to match the photograph appearing on some permanent resident and employment authorization cards with the official . Citizenship and Immigration Services’ photograph. If an employer has violated its responsibilities under this program or has discriminated against a candidate during the verification process based on national origin or citizenship status, the candidate is advised to call the Office of Special Counsel.