Information Security Analyst

Dallas, Texas

Jackson Walker

FLSA Status: Exempt

Department: IT

Reports To: Director of Information Security

Jackson Walker, the largest law firm in Texas, has an exciting full-time employment opportunity for an Information Security Analyst in our Dallas office. The Information Security Analyst is responsible for maintaining the security and integrity of the Firm's data, hardware and software, and people. Their primary responsibility is to monitor the security systems of the Firm and respond to any alerts and warnings generated by those systems including verifying incidents, preventing the escalation of incidents, and remediating confirmed incidents. The Information Security Analyst will work with the Director of Information Security and Senior Information Security Engineer, as well as the various IT teams, in communicating and remediating flaws in security systems. The Information Security Analyst is responsible for assisting with potential security incidents within the organization, including performing root cause analysis. Additionally, the Information Security Analyst will create/update documentation related to information security systems, processes, and procedures.

ESSENTIAL DUTIES & RESPONSIBILITIES:
  • Monitor Jackson Walker's computing environment by performing security event analysis to detect activities including but not limited to: policy violations, abnormal behaviors, network intrusions, best practice recommendations, etc.
  • Manage and enhance Jackson Walker's Information Security infrastructure and critical security operational processes including:
    • Microsoft M365/Azure security tools/processes including:
      • Defender for O365
      • Defender for Identity
      • Defender for Cloud
      • Sentinel (SIEM) and KQL queries
      • Intune
      • Conditional Access Policies
    • Palo Alto Networks Next-Gen Firewalls and GlobalProtect VPN
  • Serves as a member of the CSIRT team and will assist with incident response efforts including, but not limited to: Detection, Verification & Triage, Scoping, Containment, Eradication, Recovery, Remediation.
  • Assist in execution and fulfillment of Jackson Walker vulnerability management and penetration testing processes and assessments.
  • Participate in security audits, risk analyses, and security reviews.
  • Proactively research trending Tactics, Techniques, and Procedures (TTP) to aid in the identification of security events that may occur within the organization.
  • Identifies and recommends potential solutions to improve the existing security posture and assist with testing/POC efforts as appropriate.
  • Leads the Firm's patching/software update efforts to ensure that the Firm maintains the most up-to-date operating system and firmware revisions applicable to the systems.
  • Participates in crafting, revising, and documenting Information Security standards, procedures, security checklists, operational playbooks, cyber newsletters, etc.
  • Provides advice, documentation, and training to Firm personnel on information security technologies.
  • Maintains and increases professional and technical knowledge through participation in professional development activities including webinars, seminars, conferences, and formal training classes.
  • Assist with Firm's disaster recovery and business continuity planning and testing activities.
  • Keep supervisor and peers informed of all changes and threats to systems.
  • Other duties as assigned by the employer.
QUALIFICATIONS:
  • Preferred - Knowledge of information security standards/frameworks, e.g., NIST, SOC2, ISO-27001, CIS Critical Controls.
  • Preferred - Familiarity with Microsoft Endpoint Configuration Manager (MECM or SCCM) or similar.
  • Familiarity with security controls in a Microsoft Azure cloud environment.
  • Familiarity with basic scripting, e.g., PowerShell, Python.
  • SIEM experience to include monitoring, threat hunting, creating correlation rules and alerts.
  • Understanding of network protocols, creating firewall rules, and IDS/IPS signatures.
  • Experience performing vulnerability scanning, interpreting results, and remediating findings.
  • Experience hardening Windows, Mac, and Linux Operating Systems (both clients and servers).
  • Must have proficient keyboard skills.
  • Must be a creative problem-solver, flexible, proactive, and able to work in a fast-paced, ever-changing environment.
  • Strong oral and written communication skills required, including the ability to tailor communication to various audiences.
  • Interpersonal skills necessary to communicate effectively in person, by e-mail, and telephone to provide information to clients, attorneys, and staff with courtesy and tact.
Education:
  • Bachelor's degree from an accredited college or university, or equivalent experience preferred.
  • Preferred: At least one recognized security certification:
    • CompTIA Security+
    • ISC2 SSCP
    • Microsoft Azure Certifications
    • SANS GSEC
    • Etc.
Experience:
  • Should have at least 3 years of experience in a general IT-related role.
  • Must have at least 3 years of progressive experience in an information security role.
Physical Requirements:
  • Sighted.
  • Must be able to lift PC equipment, printers, and other hardware up to 50 pounds.
Working Conditions:
  • Normal office environment with little exposure to excessive noise and temperature.
  • Will occasionally be required to work more than 40 hours per week; be available 24x7 in order to respond to security incidents.
  • Some travel to other Firm locations and/or remote training facilities may be necessary.
We are proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, veteran status, sexual orientation, gender identity, pregnancy, genetic information, or any other characteristic protected by applicable federal, state, or local law and will not be discriminated against on the basis of disability. It is our intention that all qualified applicants are given equal opportunity and that employment decisions be based on job-related factors.

The above is intended to describe the general content of and requirements for the performance of this job. It is not to be construed as an exhaustive statement of essential functions, responsibilities, or requirements.
Date Posted: 22 April 2025