Requisition Number: 2021-04-03081-0160-002
Job Title: Information Security Analyst
City: New York
State: NY
Shift: Monday - Friday; 9:30 AM - 5:30 PM
Hours: 35

Simpson Thacher & Bartlett LLP is a leading global law firm with offices in New York, Beijing, Hong Kong, Houston, London, Los Angeles, Palo Alto, São Paulo, Tokyo and Washington, D.C. Established in 1884, the Firm currently has more than 850 lawyers. On a world-wide basis, the Firm provides coordinated legal advice on the largest and most complex corporate transactions and litigation matters in industries which include financial services, insurance, power and natural resources, consumer products, services, technology, telecommunications, media, pharmaceuticals and healthcare industries. Cross-border finance, banking and bank regulation, mergers and acquisitions, securities issuance and regulation, project and asset based finance, real estate, asset management, joint ventures, taxation, litigation and dispute resolution are important aspects of the Firm’s practice.

Information Security Analyst

Apply Now

Description/Job Summary

The Information Security Analyst must understand that legacy, present-day systems and applications may have weaknesses that can be exploited by external threat actors and potentially lead to a breach. Given that vulnerability management and risk exposure extend across all technical systems Firm-wide, the Analyst will be responsible for reporting, remediation, identifying assets and vulnerabilities, and continuous assessment. The Analyst must collaborate with others on the team for remediation and additional validation, as well as contribute to other collaborative approaches driven by the security team strategy.


  • Administer, configure, and support the SCCM Enterprise environment (with regards to patching).
  • Leverage the Firm’s SCCM infrastructure in support of patch deployment.
  • Troubleshoot SCCM issue on workstations and servers .
  • Responsible for the Qualys Vulnerability Management environment and the supporting processes for the detection and assessment of identified vulnerabilities.
  • Manage vulnerabilities across applications, endpoints, databases and networking devices assets.
  • Document, prioritize and formally report asset and vulnerability state, along with remediation recommendations and validation.
  • Perform vulnerability testing, reviews, and provide recommendations to enhance and expand STB’s cybersecurity landscape.
  • Work closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to new threats in the wild and verify the organization's security posture against them.
  • Assist with strategic initiatives for short, as well as long-term plans to identify and reduce the attack surface across applications and systems.
  • Analyze potential threats from a multitude of log sources and decide whether events are false positives or potential security threats.
  • Ability to decide potential impact and whether escalation and reporting are required.
  • Monitor and analyze a Security Information and Event Management (SIEM) and other alerting systems to identify security issues for remediation.
  • Maintain a high level of rigor to stay up-to-date with advancements in technology, while also retaining knowledge of older systems and applications in use.
  • Work with the IT Security Team to perform tests and uncover network vulnerabilities
  • Help colleagues install security software and understand information security management
  • Research security enhancements and make recommendations to management
  • Stay up-to-date on information technology trends and security standards

Required Experience

  • Minimum 3-4 years of relevant experience
  • Hands on experience with SCCM
  • Solid understanding of information security
  • Must be able to work collaboratively in a team environment and independently
  • Ability to handle sensitive and/or confidential material with discretion
  • Excellent interpersonal skills and a professional demeanor; ability to work effectively with all levels of Firm personnel and vendors
  • Excellent written and verbal communication skills, ability to communicate clearly and concisely
  • Strategic thinker with strong analytical and problem-solving skills
  • Demonstrated project management skills, organizational and execution skills with strong attention to detail
  • Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation
  • Must be flexible in order to respond quickly and positively to shifting demands

Required Education

  • Bachelor’s degree, IT related discipline

Preferred Education

  • Major in Computer Science, or related field
Apply Now
Simpson Thacher & Bartlett is committed to a collegial work environment in which all individuals are treated with respect and dignity. The Firm prohibits discrimination or harassment based upon race, color, religion, gender, age, national origin, citizenship status, disability, marital or partnership status, sexual orientation, protected veteran’s status or any other legally protected status. “Gender” includes actual or perceived sex, a person’s gender identity, self-image, appearance, behavior or expression, whether or not that gender identity, self-image, appearance, behavior or expression is different from that traditionally associated with the legal sex assigned to that person at birth. This Policy pertains to every aspect of an individual’s relationship with the Firm, including but not limited to recruitment, hiring, compensation, benefits, training and development, promotion, transfer, discipline, termination, and all other privileges, terms and conditions of employment.