Information Security Analyst
Job #S20180423C – New York, New York
Perkins Coie LLP is seeking an experienced Information Security Analyst. This position will perform duties related to keeping Perkins Coie information systems, data and personnel secure through the implementation and maintenance of an effective information security program. Specifically, the Threat and Vulnerability Analyst will use their specialized expertise to implement a proactive program that identifies vulnerabilities in operating systems and applications and incorporates threat intelligence information to define a risk-based management program that improves the firm’s security posture.
- Collection, analysis and reporting of actionable intelligence for the Information Security team and supporting organizations.
- Manage, monitor, and communicate the information security risks associated with inherent and residual vulnerabilities that may result in harm or disruption.
- Work closely with key stakeholders from IT, Business and Support functions to gather requirements, understand priorities, and communicate impact and context of vulnerabilities.
- Develop metrics that will measure the effectiveness of practices and controls to mitigate threats and vulnerabilities on a periodic basis.
- Develop dashboards that illustrate the effectiveness of risk mitigation over time.
- Responding to security incidents and reports from monitoring systems and personnel.
- Implement appropriate security controls, to meet security objectives and standards while allowing flexibility for the practice of law.
The ideal candidate will possess work experience in the areas of information security, vulnerability management, application testing, systems development and/or computer programming. They will have a detailed knowledge of at least one operating system and corresponding security controls such as Microsoft Windows, Apple macOS or Linux. The candidate must have experience with threat intelligence platforms and integration of threat information into a vulnerability management program. Excellent oral and written communications skills are a plus, as well as experience conducting penetration, application or vulnerability testing against a variety of platforms. Ability to exercise command scripts and execute programs to obtain the desired results and experience with patch management systems, such as SCCM and Flexera, are needed.
This position requires 2 year of information security operations experience, Bachelor's degree preferred. Certifications in a related security domain such as SANS GCIA, or GSEC preferred.
Perkins Coie LLP is an Equal Opportunity Employer and does not discriminate on the basis of race, color, religion, sex, age, national origin, genetic information, protected veterans, marital status, sexual orientation, gender identity, disability status or any other category prohibited by local, state or federal law. This policy applies to all aspects of employment, including recruitment, placement, promotion, transfer, demotion, compensation, benefits, social and recreational activities and termination.
For more information about equal employment opportunity, please click here for “EEO Is the Law.” To request a disability accommodation in the application process, please click here. Perkins Coie participates in E-Verify, please view the following links for details in English and Spanish. For information regarding your Right to Work, click here for details in English and Spanish.