Talent.com
Information security analyst

Information security analyst

Munger, Tolles & Olson LLPLos Angeles OR San Francisco OR Washington, D.C. Offsite in-office visits
30+ days ago
Salary
$88,300.00–$175,000.00 yearly
Job type
  • Full-time
Job description

The Information Security Analyst role is responsible for ensuring the security of the firm’s data and systems. They will provide thought leadership and strategic input on the firm’s security policies, procedures, and standards. They will assist security operations by monitoring and assessing information security controls. They will respond to client outside counsel guidelines, questionnaires, and audits, and also conduct security assessments of vendors and other third-parties, ensuring these entities follow firm and client security requirements as well as industry best-practices. The Information Security Analyst will interface with Governance, IT Operations, and User Support groups as well as end users to audit and remediate gaps in security controls and processes.

Job Functions & Responsibilities

Identify and remediate control gaps, aligning firm systems with information security standards and client requirements

Provide technical insight to the Governance team for client information security assessments and governance, risk, and compliance initiatives

Lead information security projects with limited supervision

Lead and manage remediation activities resulting from audits

Cross-train and mentor other engineers and analysts

Provide project and task completion support for other IT staff

Research, test, and recommend information security products based on the firm’s information security strategy, cost / benefit, and risk reduction methodologies

Monitor and maintain endpoint protection, log aggregation, vulnerability management, data loss prevention, privileged session management, mobile device management, threat intelligence, and physical security systems

Monitor threat intelligence feeds and security tools, escalating potential incidents

Align firm security policies with business objectives and security requirements.

Coordinate with training resources to develop, maintain, and improve the firm’s security awareness and training programs, participating in such programs as needed

Provide after-hours support for data loss prevention and incident response as part of the information security on-call rotation

Assist with the information security budgeting process

Develop, maintain, and manage relationships with vendors and professional services

Develop and maintain documentation related to responsibilities

Perform other duties as assigned

Computers, phones, and other network based equipment

Key Technologies

Applicants should have an understanding and working knowledge of one or more of the following :

Security information event management (SIEM)

Vulnerability scanning and penetration testing

Endpoint protection

Intrusion detection and prevention

Data loss prevention systems

Identity and access management

Encryption and secure file transfer

Mobile device management

Windows server operating systems

Microsoft Office Suite

Cloud services (Microsoft 365, Azure)

TCP / IP protocols and networking

Security camera and key card systems

Security awareness and training methodologies

Disaster recovery and business continuity planning

Incident response protocols

Tools

Computers, phones, and other network based equipment

Minimum Job Qualifications

Perform other duties as assigned

High school diploma or GED

8+ years of technical experience with large (>

300 users) networks

CISSP required

Ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood and actionable manner

Expert level client-service, writing, and verbal presentation skills, with excellent attention-to-detail and organization

Expert knowledge of information security frameworks (ISO 27001, CIS Critical Security Controls, NIST)

Expert knowledge of different attack scenarios, techniques, and countermeasures used to prevent those attacks

High level understanding of IT infrastructure, security, and datacenter operations, including networking, servers, storage systems, backups, remote access / thin clients, messaging systems, and database applications

Ability to organize and prioritize multiple assignments

Ability to work under the pressures of a dynamic and fast-paced environment

Ability to work extended hours, nights, weekends and rotating on-call duties

Physical Demands

Writing, typing, reading, speaking, hearing, seeing, sitting, bending, reaching, and lifting up to 25 lbs.

Working Conditions

Quiet office environment in a high-rise building, seated the majority of the time

Direct Reports

None

Competencies

Communicates effectively : Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences.

Being resilient : Rebounding from setbacks and adversity when facing difficult situations.

Collaborates : Building partnerships and working collaboratively with others to meet shared objectives.

Instills trust : Gaining the confidence and trust of others through honesty, integrity, and authenticity.

Customer focus : Building strong customer relationships and delivering customer-centric solutions.

Drives results : Consistently achieving results, even under tough circumstances.

Situational adaptability : Adapting approach and demeanor in real time to match the shifting demands of different situations.

Optimizes work processes : Knowing the most effective and efficient processes to get things done, with a focus on continuous improvement.

Manages complexity : Making sense of complex, high quantity, and sometimes contradictory information to effectively solve problems.

Strategic mindset : Seeing ahead to future possibilities and translating them into breakthrough strategies.

Salary Range : $88,300 – $175,000

The Information Security Analyst role is an amazing opportunity available on our team of professionals at Munger, Tolles & Olson, LLP! We are a talent-first Firm and are always looking for great people. We encourage you to apply even if the level of this position is not an exact match to your qualifications. This may not guarantee your placement into the opening; however, it is always worth exploring if there is an opportunity for the future.

About Munger, Tolles & Olson

Munger, Tolles & Olson has been consistently ranked on The American Lawyer’s A-List since its inception in 2004, including seven years in the top spot. We strive to hire only the most qualified and creative lawyers. We believe that clerkships provide valuable experience. In this regard, about 80% of our attorneys served as law clerks to federal or state judges and sixteen attorneys were clerks to U.S. Supreme Court Justices. We recruit and retain the best professional talent to support our Attorneys with a focus on service and excellence. We have a full spectrum of functional positions including Information Technology, Information Security, Accounting, Human Resources, Legal Support, and Marketing.

MTO is an equal opportunity employer and does not discriminate in employment on the basis of race, including but not limited to hair texture and protective hairstyles (for example, braids, locks, and twists), color, ethnicity, religion, gender, gender identity or expression, pregnancy, childbirth, breastfeeding and medical conditions related to pregnancy, childbirth and breastfeeding, marital or domestic partner status, parental or family care status, national origin, ancestry, age, sexual orientation, disability or medical condition, genetic characteristic, political affiliation, military or veteran status, or any other characteristic protected by federal, state or local law. It is the policy of Munger, Tolles & Olson LLP to prohibit discrimination, unlawful harassment (including sexual harassment), and retaliation. This commitment prohibits such conduct by any individual involved in MTO’s operations and by anyone doing business with or on behalf of Munger, Tolles & Olson LLP.