Requisition Number: 2022-10-03081-0160-001
Job Title: Information Security Analyst
City: New York
State: NY
Shift: Monday - Friday; 9:30 AM - 5:30 PM
Hours: 35

Simpson Thacher & Bartlett LLP is one of the world’s leading international law firms. The Firm was established in 1884 and has more than 1,000 lawyers. Headquartered in New York with offices in Beijing, Brussels, Hong Kong, Houston, London, Los Angeles, Palo Alto, São Paulo, Tokyo and Washington, D.C., the Firm provides coordinated legal advice and transactional capability to clients around the globe. Cross-border finance, banking and bank regulation, mergers and acquisitions, securities issuance and regulation, project and asset based finance, real estate, asset management, joint ventures, taxation, litigation and dispute resolution are important aspects of the Firm’s practice.

Information Security Analyst

Apply Now

Description/Job Summary

The Information Security Analyst is responsible for monitoring the IT security infrastructure within the Firm’s network, articulating technical security requirements, monitoring the effectiveness of the existing IT security controls framework, making recommendations for enhancements, and raising the level of security awareness.  The incumbent will be a part of the security team that safeguards the infrastructure and information across the Firm worldwide. 

Responsibilities/Duties

  • Monitor the Firm’s Security Information and Event Management (SIEM) and other alerting systems to identify security issues for remediation.
  • Analyze and detect phishing / malicious emails and email attachments utilizing the Firm’s tools.
  • Detect the potential impact of incidents or alerts and whether escalation and reporting are required.
  • Analyze potential threats from a multitude of log sources and decide whether events are false positives or potential security threats.
  • Actively monitor and respond to critical systems alarms.
  • Review security and threat intelligence bulletins from open and other intel sources
  • Triage employee reported issues and respond to them via the ticketing system
  • Investigate, document, and report on any information security issues as well as emerging trends
  • Report concerns of residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance, to management
  • Participate in the computer security incident response team efforts and other security investigation activities as assigned
  • Participate in security incident response efforts to include remediation with an appropriate sense of urgency and criticality
  • Work with IT team to produce monthly operational metrics
  • Drive continuous improvement through trend analysis reporting and metrics management
  • Provide technical assistance to IT staff in the detection and resolution of security problems
  • Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks
  • Communicate and report issues, status, and results to senior management
  • Perform other duties as assigned

Required Experience

  • 3+ years of experience in information security related responsibilities
  • Understanding of operating systems such as Windows
  • Understanding of networking, network components and security tools (i.e., malware prevention, vulnerability scanners and networks)
  • Knowledgeable in DLP, SIEM, AV, APT and Vulnerability Analysis principles
  • Ability to effectively prioritize and execute tasks
  • Ability to effectively present information verbally and in writing
  • Must be able to work collaboratively in a team environment and independently
  • Ability to handle sensitive and/or confidential material and information with suitable discretion
  • Excellent interpersonal skills and a professional demeanor; ability to work effectively with all levels of Firm personnel and vendors

Required Education

  • Bachelor’s degree required
  • Understanding of the latest security tools (i.e., malware prevention, vulnerability scanners and networks)
  • Professional certifications, such as CISSP, CISA, or CISM

Details

Salary Information

The estimated base salary range for this position is $110k to $125k at the time of posting. The actual salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location in which the applicant lives and/or from which they will be performing the job.

Apply Now

Simpson Thacher & Bartlett is committed to a collegial work environment in which all individuals are treated with respect and dignity. The Firm prohibits discrimination or harassment based upon race, color, religion, gender, age, national origin, citizenship status, disability, marital or partnership status, sexual orientation, protected veteran’s status or any other legally protected status. “Gender” includes actual or perceived sex, a person’s gender identity, self-image, appearance, behavior or expression, whether or not that gender identity, self-image, appearance, behavior or expression is different from that traditionally associated with the legal sex assigned to that person at birth. This Policy pertains to every aspect of an individual’s relationship with the Firm, including but not limited to recruitment, hiring, compensation, benefits, training and development, promotion, transfer, discipline, termination, and all other privileges, terms and conditions of employment.