Information Security Analyst

Northfield, NJ, United States

DLA Piper is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Job applicant poster viewing center (https://mandatoryview.com/?LicenceId=09b17fa3-b781-4022-bfdd-ec61a570463c&ProductType=OnlineApplicant) .

DLA Piper is, at its core, bold, exceptional, collaborative and supportive. Our people are the backbone, heart and soul of our firm. Wherever you are in your professional journey, DLA Piper is a place you can engage in meaningful work and grow your career. Let’s see what we can achieve. Together.

If you are a highly talented Information Security Analyst, we want to hear from you!

This position is remote, candidates may be required on occasion to visit the local office when/if needed.

Minimum Requirements:

Bachelor’s degree in information security, cybersecurity, computer science, or a related field

4 years’ experience in IT or security

Detailed experience of TCP/IP

Strong understanding of Windows and Unix operating systems

Experience scripting in PowerShell, Perl, or Python

Significant experience with logging and alerting platforms, including SIEM integration

Knowledge of incident response methodologies and technologies

Understanding of common malware threats as well as typical attack chain

Understanding of the common technologies found in enterprise IT environments, including datacenter and Internet edge technologies

Ability to work effectively in a fast-paced environment

Ability to understand vulnerabilities at a technical level and capable of recommending and effectively communicating mitigation strategy

Experience managing and monitoring endpoint protection solutions, vulnerability scanners, and other security tools.

Knowledge of advanced persistent threats (APTs), associated tools and tactics used by threat actors, and mitigating practices

Ability to participate in a rotating on-call schedule

Preferred Requirements:

5 years’ experience in IT or security

Relevant security certifications

Experience operating in and complying with ISO 27001:2013

Good organization skills to balance and prioritize work

Strong problem-solving and analytical skills

Strong communication skills, both verbal and written skills

Strong familiarity with Microsoft 365. Windows desktop and server operating system

Knowledge of secure development practices and the OWASP Top 10

Familiarity with regulatory frameworks such as NIST/CMMC, ISO 27001, and HIPAA/HITECH

What will your day look like?

As an Information Security Analyst, you will align security alert review and hunting to the prescribed Incident Response Playbook. You will conduct limited investigations into possible security breaches at firm sites using high-fidelity alerts and tools within the environment, MDR, and online. You will review alerts generated by security detection tools, correlate with device logs, packet capture, and all forms of telemetry, and interprets data. You will also maintain up-to-date information in alert handling tools. Where firm SLA governs timing, the analyst must work within the timing bounds to acknowledge and resolve alerts. You will protect client and firm data vigilantly, ensuring proper handling and protection electronically, physically, and verbally.

As a member of the Information Security department, you will focus on providing the best cybersecurity protections and posture through active research, discovery, collaboration, and teamwork. Responsible for security functions, investigations, and incident response. The Information Security Analyst supports security operations and proactively monitors the enterprise security and risk posture of production systems and infrastructure while identifying and escalating potential incidents or anomalies for further investigation. The ideal candidate must be able to work independently and have project management skills.

Key areas of knowledge include access control and authorization, vulnerability management, intrusion prevention and detection, network security, encryption, endpoint protections, incident response, and risk mitigation. Your primary responsibilities will include reviewing and analyzing alerts and logs from firewalls (FW), endpoint protection tools (e.g., antivirus, DLP), SIEM, and other security threat data sources to gain awareness and report on potentially suspicious and anomalous activity. You will assist in the investigation and remediation of security events and/or incidents, participate in the design and execution of vulnerability and risk assessments, penetration tests, and security audits (e.g., HITRUST, SOC2), and work closely with technology and business teams to document and track remediation of known security issues.

You will perform security reviews of new systems or applications being onboarded and assess the security impact of changes to systems or applications as part of the change management process. You will also assist in the execution of ongoing security compliance activities and reviews and track the completion of security and privacy awareness training for existing staff and new hires. You will research security enhancements and make recommendations to management, and stay current on information security trends and news. You will monitor existing tickets and manage resolutions as well as prioritize information security issues and work on multiple tasks concurrently.

To learn more about DLA Piper, please visit our website (https://www.dlapiper.com/en/us/) .

We offer exceptional career opportunities in an environment that is challenging, rewarding, and, we believe, truly different from our competitors. Our employees enjoy a competitive benefits package and a dynamic and diverse environment in which they can build a long and fruitful career and reap the rewards of their success.

General & Essential Job Expectations

While the specific job requirements of a DLA Piper position may vary depending upon scope of the job and area of specialty, there are certain universal requirements that are expected of all DLA Piper employees, which include but are not limited to:

Effectively communicate, verbally and in writing, with clients, lawyers, business professionals, and third parties;

Produce deliverables, answer phone calls, and reply to correspondence in an efficient and responsive manner;

Provide timely, accurate, and quality work product;

Successfully meet deadlines, expectations, and perform work duties as required;

Foster positive work relationships;

Comply with all firm policies and practices;

Engage in both physical and sedentary activity, such as (a) working at a computer for extended periods of time, including on-screen reading and typing; (b) participating in digital/virtual conference calls; (c) participating in meetings as needed;

Perform all other duties, tasks or projects as assigned.

Our employees are expected to embrace and uphold our firm values as a part of our DLA Piper culture. We are committed to excellence in how we represent our clients and develop our people.

Physical Demands, Work Environment, and Other Requirements

Sedentary work: Exerting up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.

Application Process:

If you have a request for an accommodation during the application process or have any questions about the process, please contact [email protected] . Please add [email protected] to your list of safe senders.

Applicants must apply directly online instead of sending application materials via email.

Agency applications will not be considered.

Job: Information Technology

Organization: Information Security

Title: Information Security Analyst

Location: Maryland-Baltimore

Requisition ID: 23000569

Other Locations: United States-Virginia-Reston, United States-District of Columbia-Washington, United States-Florida-Miami, United States-New Jersey-Short Hills, United States-Pennsylvania-Philadelphia, United States-Florida-Tampa, United States-Texas-Houston, United States-Arizona-Phoenix, United States-New Jersey-Northfield, United States-Texas-Dallas, United States-Georgia-Atlanta, United States-Illinois-Chicago, United States-Delaware-Wilmington, United States-Minnesota-Minneapolis, United States-North Carolina-Raleigh, United States-Texas-Austin, United States-Massachusetts-Boston