Sr. Information Security Analyst (Penetration Testing)

our top law firm in New York City is looking for a Sr. Information Security Analyst with strong penetration testing experience. The Senior Information Security Analyst will be responsible for monitoring the Firm security systems and performing penetration tests of the infrastructure. Key responsibilities entail daily monitoring activities, including SIEM and other security tools and identification and mitigation of suspicious events, conducting controlled penetration tests, identifying vulnerabilities, and delivering reports with recommendations for mitigation. The successful candidate will also support all other Security Operations activities and assist in the deployment and operation of information security systems, as well as work on a diverse set of security related projects and responsibilities.

Essential Duties and Responsibilities :

• Perform real-time security log and event analysis and take action to contain and mitigate information security threats. The events will originate from SIEM, DLP, IDS, IPS, antivirus, firewalls, system security logs and user reports.
• Conduct manual and automated penetration testing of web applications, APIs, networks, cloud environments, and mobile apps.
• Simulate real-world cyber-intrusion techniques to identify security vulnerabilities and validate practical exposures / risks.
• Develop automation workflows, routines and scripts to support advanced testing efforts and remediation validation
• Contribute to red team engagements, threat modeling, and purple team exercises.
• Assist in maintaining existing security systems, such as IPS / IDS, Anti-Virus, EPO, SIEM, NAC and other cyberattack detection and analytics tools; assist with security technologies deployment, configuration, troubleshooting, maintenance, patching / upgrading and decommission.
• Make enhancements to existing monitoring and security operations and contribute to a Continuous Monitoring program framework.
• Work across teams to accomplish security program goals.

Knowledge, Skills, and Abilities Required :

• Strong knowledge of network services, vulnerabilities, exploits and attacks vectors and TTPs (Tactics, Techniques, and Procedures).
• Proven experience in penetration testing, ethical hacking, or purple teaming.
• Strong knowledge of OWASP Top 10, MITRE ATT&CK, CVSS, and common exploit techniques.
• Proficiency with tools like Burp Suite, Metasploit, Nmap, Nessus, Kali, Bloodhound, or similar.
• Familiarity with scripting (e.g., Python, PowerShell) for automation and vulnerability validation.
• Understanding of IT infrastructure, networking, system internals (Windows / Linux), and web / application security.
• SPLUNK Administrator or Power User considered a plus.
• Strong knowledge of server and desktop operating systems, routers, switches, firewalls and other network equipment.
• Experience with cloud environments (SaaS, iDP, AWS, Azure, GCP) and cloud security testing.
• Knowledge of mobile app security vulnerabilities (iOS, Android) and threat modeling a plus.
• Participation in Capture The Flag (CTF) events or offensive security challenges
• Critical thinking, investigative mindset and ability to conduct root cause analysis.
• Detail-oriented and able to meet tight deadlines.
• Excellent written, verbal and interpersonal skills.
• Highly motivated self-starter with an inquisitive personality.
• Desire and ability to learn new skills and concepts.

Education and Experience :

• Bachelor's degree in related field or discipline.
• Minimum of 7 years of experience in information security.
• Certifications such as GPEN, OSCP, OSEP or similar are highly desirable.
• CISSP, CISA, CEH, GIAC and other industry certifications considered a plus.
• Pay and Benefits

The pay range for this position is $170000.00 - $185000.00 / yr.

United Healthcare Medical Insurance, MetLife Dental insurance, EyeMed Vision.

401K

Eligible upon date of hire

Contributions between 1% and 75% of gross compensation on a pre-tax basis and / or 1% - 100% of net compensation on a Roth after-tax basis.

Voluntary after-tax contributions of up to 10%

Additional catch-up contribution if you are age 50 by calendar year-end

Contributions are subject to annual IRS maximum

Discretionary Firm Contributions are generally a percentage of your eligible gross wages and may change at any time. You will become eligible for a Firm Contribution after one year of service in which you have worked at least 1,000 hours and are at least 21 years of age. Entry dates are the quarter following when you have met the eligibility requirements.

• Workplace Type

This is a hybrid position in New York,NY.

• Application Deadline

This position is anticipated to close on Oct 30, 2025.

h4>

About TEKsystems :

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

About TEKsystems and TEKsystems Global Services

We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.