Requisition Number: 2021-04-03081-0160-002
Job Title: Information Security Analyst
City: New York
Shift: Monday - Friday; 9:30 AM - 5:30 PM
Simpson Thacher & Bartlett LLP is a leading global law firm with offices in New York, Beijing, Hong Kong, Houston, London, Los Angeles, Palo Alto, São Paulo, Tokyo and Washington, D.C. Established in 1884, the Firm currently has more than 850 lawyers. On a world-wide basis, the Firm provides coordinated legal advice on the largest and most complex corporate transactions and litigation matters in industries which include financial services, insurance, power and natural resources, consumer products, services, technology, telecommunications, media, pharmaceuticals and healthcare industries. Cross-border finance, banking and bank regulation, mergers and acquisitions, securities issuance and regulation, project and asset based finance, real estate, asset management, joint ventures, taxation, litigation and dispute resolution are important aspects of the Firm’s practice.
The Information Security Analyst must understand that legacy, present-day systems and applications may have weaknesses that can be exploited by external threat actors and potentially lead to a breach. Given that vulnerability management and risk exposure extend across all technical systems Firm-wide, the Analyst will be responsible for reporting, remediation, identifying assets and vulnerabilities, and continuous assessment. The Analyst must collaborate with others on the team for remediation and additional validation, as well as contribute to other collaborative approaches driven by the security team strategy.
Administer, configure, and support the SCCM Enterprise environment (with regards to patching).
Leverage the Firm’s SCCM infrastructure in support of patch deployment.
Troubleshoot SCCM issue on workstations and servers .
Responsible for the Qualys Vulnerability Management environment and the supporting processes for the detection and assessment of identified vulnerabilities.
Manage vulnerabilities across applications, endpoints, databases and networking devices assets.
Document, prioritize and formally report asset and vulnerability state, along with remediation recommendations and validation.
Perform vulnerability testing, reviews, and provide recommendations to enhance and expand STB’s cybersecurity landscape.
Work closely with infrastructure teams to advise and support remediation efforts to close vulnerability exposure to new threats in the wild and verify the organization's security posture against them.
Assist with strategic initiatives for short, as well as long-term plans to identify and reduce the attack surface across applications and systems.
Analyze potential threats from a multitude of log sources and decide whether events are false positives or potential security threats.
Ability to decide potential impact and whether escalation and reporting are required.
Monitor and analyze a Security Information and Event Management (SIEM) and other alerting systems to identify security issues for remediation.
Maintain a high level of rigor to stay up-to-date with advancements in technology, while also retaining knowledge of older systems and applications in use.
Work with the IT Security Team to perform tests and uncover network vulnerabilities
Help colleagues install security software and understand information security management
Research security enhancements and make recommendations to management
Stay up-to-date on information technology trends and security standards
Minimum 3-4 years of relevant experience
Hands on experience with SCCM
Solid understanding of information security
Must be able to work collaboratively in a team environment and independently
Ability to handle sensitive and/or confidential material with discretion
Excellent interpersonal skills and a professional demeanor; ability to work effectively with all levels of Firm personnel and vendors
Excellent written and verbal communication skills, ability to communicate clearly and concisely
Strategic thinker with strong analytical and problem-solving skills
Demonstrated project management skills, organizational and execution skills with strong attention to detail
Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation
Must be flexible in order to respond quickly and positively to shifting demands
Simpson Thacher & Bartlett is committed to a collegial work environment in which all individuals are treated with respect and dignity. The Firm prohibits discrimination or harassment based upon race, color, religion, gender, age, national origin, citizenship status, disability, marital or partnership status, sexual orientation, protected veteran’s status or any other legally protected status. “Gender” includes actual or perceived sex, a person’s gender identity, self-image, appearance, behavior or expression, whether or not that gender identity, self-image, appearance, behavior or expression is different from that traditionally associated with the legal sex assigned to that person at birth. This Policy pertains to every aspect of an individual’s relationship with the Firm, including but not limited to recruitment, hiring, compensation, benefits, training and development, promotion, transfer, discipline, termination, and all other privileges, terms and conditions of employment.