Under the direction of the Information Security Supervisor - Threat Hunting & Analysis, the Information Security Analyst is responsible for responding to events and alerts generated by information security technologies, user-reported events and any activity that is suggestive of a potential information security event/incident.
The Information Security Analyst is a hands-on technologist who is proficient in the use of information security technologies used in the investigation of information security events.
The scope of this position is firm-wide and requires an understanding of all IT systems the firm uses and how they provide value to the business.
The Information Security Analyst works closely with other members of the Information Security Team to ensure that the information security posture of the firm is maintained, and takes a proactive approach in continually assessing the security of firm systems throughout their lifecycle, providing recommendations for enhancing security and adapting to new threats and vulnerabilities.
* Analyze and respond to security events found internally or via the firm's Managed Security Service Providers
* Play a significant role in responding to and containing information security-related incidents
* Review security context alerts and logs using the firm's security information event management platform (SIEM) or other tools
* Serve as the initial point of contact for IQ Track tickets assigned to the Information Security Team
* Promptly respond to requests for assistance from end-users and others
* Escalate security events/incidents according to defined workflow and in accordance with any relevant SLAs
* Thoroughly document the results of security event/incident investigations
* Adhere to relevant policies, procedures, standards and security good/accepted practices
* Resolve problems independently and understand escalation procedure
* Maintain current security certifications and attend industry seminars and relevant continuing education events
* Perform other work-related duties as assigned
EDUCATION, EXPERIENCE AND SKILLS REQUIRED:
* Bachelor of Science in a technology-related discipline or 3 years of relevant experience
* 1-3 years of experience in dedicated information security roles
* 3-5 years of experience in information technology in an area such as networking, desktop engineering, programming, systems administration or help desk
* Strong critical thinking and problem-solving skills
* Practical experience with TCP/IP networking concepts and protocols
* Significant experience with current Windows operating systems, including Active Directory, authentication methods, and analysis and interpretation of event logs
* Practical experience using endpoint security solutions to identify and resolve events/incidents
* Practical experience using a SIEM platform for incident response and event analysis/log correlation
* Basic knowledge of networking technologies, including DNS, switching, routing and firewalls
* Excellent troubleshooting, problem-solving, and verbal/written communication skills
* Ability to manage critical situations and maintain solid relationships with colleagues and firm staff and attorneys
* Ability to anticipate problems, communicate them, and resolve if appropriate
* Ability to work independently and as part of a team
* Must have strong written/verbal communication skills
* Must be detail-oriented with strong customer service skills
* Requires strong interpersonal and organization skills
* Take responsibility for customer satisfaction and overall success of managed services
* Interface with a variety of customers in a polite, positive, and professional manner
* Preferred candidate will have or be able to obtain one or more of the following certifications within their first year of employment: Security+, GSEC, GCIA, GCIH
* Ability to relate to non-technical users in user-friendly language
* Ability to understand or learn the technical implications of security threats
* Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a high-pressure environment
* Ability to gauge one's strengths and limitations
* Ability to deal with changes and adapt to a changing environment
* Must demonstrate the ability to maintain strict confidentiality of the firm's internal and personnel affairs
* Ability to work well with others, harness different skills and experience, and build a strong sense of team spirit
* Highly self-motivated and directed
* Ability to work in a multi-office environment and willingness to travel to other offices as required
* Ability to work effectively in a culturally and educationally diverse environment
Normal office environment. Incumbent is expected to work the hours necessary to fulfill the responsibilities of the position.
Periodic travel may be required.
The above is intended to describe the general content of and requirements for the performance of this job. It is not to be construed as an exhaustive statement of essential functions, responsibilities or requirements.
About Ropes & Gray LLP
Ropes and Gray is an international law firm offering a diverse range of consultancy services for legal and business needs.