Requisition Number: 2022-10-03081-0160-001
Job Title: Information Security Analyst
City: New York
Shift: Monday - Friday; 9:30 AM - 5:30 PM
Simpson Thacher & Bartlett LLP is one of the world’s leading international law firms. The Firm was established in 1884 and has more than 1,000 lawyers. Headquartered in New York with offices in Beijing, Brussels, Hong Kong, Houston, London, Los Angeles, Palo Alto, São Paulo, Tokyo and Washington, D.C., the Firm provides coordinated legal advice and transactional capability to clients around the globe. Cross-border finance, banking and bank regulation, mergers and acquisitions, securities issuance and regulation, project and asset based finance, real estate, asset management, joint ventures, taxation, litigation and dispute resolution are important aspects of the Firm’s practice.
The Information Security Analyst is responsible for monitoring the IT security infrastructure within the Firm’s network, articulating technical security requirements, monitoring the effectiveness of the existing IT security controls framework, making recommendations for enhancements, and raising the level of security awareness. The incumbent will be a part of the security team that safeguards the infrastructure and information across the Firm worldwide.
Monitor the Firm’s Security Information and Event Management (SIEM) and other alerting systems to identify security issues for remediation.
Analyze and detect phishing / malicious emails and email attachments utilizing the Firm’s tools.
Detect the potential impact of incidents or alerts and whether escalation and reporting are required.
Analyze potential threats from a multitude of log sources and decide whether events are false positives or potential security threats.
Actively monitor and respond to critical systems alarms.
Review security and threat intelligence bulletins from open and other intel sources
Triage employee reported issues and respond to them via the ticketing system
Investigate, document, and report on any information security issues as well as emerging trends
Report concerns of residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance, to management
Participate in the computer security incident response team efforts and other security investigation activities as assigned
Participate in security incident response efforts to include remediation with an appropriate sense of urgency and criticality
Work with IT team to produce monthly operational metrics
Drive continuous improvement through trend analysis reporting and metrics management
Provide technical assistance to IT staff in the detection and resolution of security problems
Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks
Communicate and report issues, status, and results to senior management
Perform other duties as assigned
3+ years of experience in information security related responsibilities
Understanding of operating systems such as Windows
Understanding of networking, network components and security tools (i.e., malware prevention, vulnerability scanners and networks)
Knowledgeable in DLP, SIEM, AV, APT and Vulnerability Analysis principles
Ability to effectively prioritize and execute tasks
Ability to effectively present information verbally and in writing
Must be able to work collaboratively in a team environment and independently
Ability to handle sensitive and/or confidential material and information with suitable discretion
Excellent interpersonal skills and a professional demeanor; ability to work effectively with all levels of Firm personnel and vendors
Bachelor’s degree required
Understanding of the latest security tools (i.e., malware prevention, vulnerability scanners and networks)
Professional certifications, such as CISSP, CISA, or CISM
The estimated base salary range for this position is $110k to $125k at the time of posting. The actual salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location in which the applicant lives and/or from which they will be performing the job.
Simpson Thacher & Bartlett is committed to a collegial work environment in which all individuals are treated with respect and dignity. The Firm prohibits discrimination or harassment based upon race, color, religion, gender, age, national origin, citizenship status, disability, marital or partnership status, sexual orientation, protected veteran’s status or any other legally protected status. “Gender” includes actual or perceived sex, a person’s gender identity, self-image, appearance, behavior or expression, whether or not that gender identity, self-image, appearance, behavior or expression is different from that traditionally associated with the legal sex assigned to that person at birth. This Policy pertains to every aspect of an individual’s relationship with the Firm, including but not limited to recruitment, hiring, compensation, benefits, training and development, promotion, transfer, discipline, termination, and all other privileges, terms and conditions of employment.