Senior Business Analyst
8 - 10 years experience • Professional, Scientific & Technical Services
Reporting to the Information Security Director, the Senior Information Security Analyst works alongside two additional Senior Security Analysts and the Information Security Manager. Collectively, this team is responsible for the ongoing operation of the Firm’s information security program. The Senior Security Analyst is a wide-ranging, hands-on role encompassing the design, implementation and maintenance of advanced security technologies, performing in-depth security reviews for new projects and technologies, conducting third party risk assessments, and providing frontline response for all security incidents. The ability to communicate effectively with all levels of the business regarding security issues while ensuring that the firm’s information assets are properly protected is essential.
- Act as the primary resource/lead for at least 2 of the Firm’s security platforms (Firewalls – Palo Alto, End Point Protection – Palo Alto TRAPS, FireEye, Symantec, Privileged Account Management – CyberArk, SIEM – Splunk, etc.) including design, implementation, and maintenance of those platforms.
- Act as a backup resource for other security platforms in use by the Firm, developing a working knowledge of the comprehensive security architecture in order to support those technologies when needed, as well as integrate one’s area of responsibility creatively and effectively.
- Actively participate in client security assessments, audits, and outside counsel guideline review; including performing gap analysis, evidence collection, and creation of highly professional, written responses.
- Using established processes, conduct detailed, written security reviews for vendors, projects, and technologies. The security review process includes conducting initial intake interviews with stakeholders, researching and performing due diligence, using third party risk management tools, conducting risk assessments, and presenting final recommendations for moving forward in a secure manner.
- Throughout the system development lifecycle (SDLC), assess and review the Firm’s current technology infrastructure to identify key risk areas, ensuring that adequate controls are in place to address those risks. Take a lead position to research specific security technologies and controls as requested by senior management.
- Perform front line security incident response as a member of a 4-person on-call rotation. Using the Firm’s established processes and procedures, provide timely investigation and resolution to all suspicious email reports, malware instances, and other security events.
- Participate actively in the Information Security team’s effort to mature security policies, processes, and procedures, including improvements to the following:
  - Incident Response processes.
  - Threat intelligence data management.
  - Key Performance Indicator (KPI) Development.
- As assigned, conduct periodic scheduled processes and procedures such as running vulnerability scans, and periodic privileged access reviews.
- Maintain operational responsibility for the information security team’s ticketing queue, primarily evaluating and managing tickets requesting policy exceptions.
- Offer insights and collaborate within the team to provide input to strategic and tactical planning, initiatives, and projects.
- Four-year degree in computer science or related field, or the equivalent work experience.
- A minimum of 3-5 years of experience in an information technology security role, or equivalent work experience in other areas of the broader Information Technology field. Information Security certifications are considered a plus (CISSP, CISA, CEH, GSEC, OSCP, CRISC, Palo Alto, Cisco, Splunk, and others). Non-security certifications in Cisco, Microsoft, and Cloud considered.
- This role is highly technical and expertise in at least some of the following is required: Next generation firewalls (Palo Alto) and endpoint tools (TRAPS, FireEye, Symantec), web proxies (Websense), ethical hacking, email firewalls (Proofpoint), SIEMs (Splunk), threat analysis tools, vulnerability scanners, authentication, encryption, authorization, continuous auditing tools/techniques, network segmentation, access control, privileged account management, or other information security tools. Deep understanding of networking and operating systems concepts considered very important.
- This role requires diligent adherence to specified processes and procedures with a professional and consistent end product.
- Experience managing and leading security projects, including defining requirements, developing project plans, and delivering results.
- Excellent oral and written communication skills.
- Strong organizational skills to handle multiple priorities.