Title: INFORMATION SECURITY ANALYST
Location: Century City, CA
DURATION: FULL TIME
Reporting to the Chief Information Security Officer (CISO), the Information Security Analyst is responsible for information security policy development and maintenance; monitoring compliance with Firm IT security policy and applicable law; communicating security policy education and awareness activities and coordinating investigation and reporting of security incidents. Working with Client’s Technology Systems support team, the Information Security Analyst will assess business continuity and disaster recovery programs, perform network penetration tests, vulnerability assessment scans and risk assessment reviews.
Duties and/or Responsibilities:
Coordinate response and/or remediate information security incidents. Participate and implement IT security projects for the firm.
Monitor and advise on information security issues related to the systems and workflow to ensure the internal security controls for the firm are appropriate and operating as intended.
Maintain Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
Conduct firm-wide data classification assessment and security audits and manage remediation plans. Communicate and participate in maintaining usersecurity awareness.
Conduct security research in keeping abreast of latest security issues. Actively participate in security communities such as LegalSEC. Maintain the ISMS (Information Security Management System).
Maintain the ISO 270001 Statement of Applicability, Controls and Risk treatment. Participate in planning off Disaster Recovery/Business Continuity initiatives. Perform other related duties as assigned.
The Information Security Analyst will be expected to have:
• 3-5 years working in the IT field and/or with fJ Security.
Expert knowledge of Security tools and concepts including: IDS/IPS; SIEM; Web Proxy; Encryption; Patch management; Vulnerability Scanning& Remediation;Forensics; Penetration Testing; DLP; Email Ga teways; Anti-spam Services; MOM; Privileged Account Management; Log Analytics; Two Factor Authentication; SingleSign On; Antivirus.
• Exceptional communication skills both within and outside of the IT Department.
• Knowledge of security best practices and concepts that maintain and enforce security policies
• High understanding of the mechanisms of exploitation and corresponding mitigation techniques
• Ability to analyze and prepare recommendations relating to security and compliance for existing and future IT architecture.
• Ability to communicate security exposures, misuse or non-compliance situations to management
Education and Experience
Any combination equivalent to: Bachelor's degree in Information Security & Assurance and/or equivalent IT industry experience. At least 3 years of experienceworking in a Microsoft/Cisco network environment
• Previous law firm experience is highly desired.
9901 E Valley Ranch Parkway,
Irving, Texas 75063,