Senior Information Security Analyst

Profile

Senior Information Security Analyst

The candidate will be achieving a balance between protecting the firm and ensuring that users can work effectively; being pragmatic but cognizant of risk. Ensure that the Firm has the requisite capability to investigate, prevent and remediate security breaches, viruses, and deviations from security procedures. Act as a technical expert in the security field with a solid understanding of Norton Rose Fulbright’s Information Security infrastructure and act as its champion in relation to Information Security. Assist with Information Security monitoring and act as a technical point of escalation for any alerting issues. Manage the global Information Security incident/request queue. Assist with a program of educational, procedural, and technical improvements aligned with the Information Security Management System. Assist with the management of technical controls defined within the Information Security Management System. Act as a champion for Information Security best practices and policies. Operate and manage security incidents and requests to SLA guidelines. Review, action, and escalate, any unusual event behavior identified. Assist with the development and maintenance of the Firm-wide security infrastructure configuration, policies, and procedures, identifying improvements to procedures, and reporting on incidents. Actively promote security governance in support of the Information Security policies, to ensure appropriate measures are taken to secure the Firm’s confidentiality and integrity. Encourage cooperative working with all business functions to achieve shared goals, ensuring skills transfer and technical security awareness within the teams. This includes writing process documents and conducting training. Work cooperatively with project teams to ensure that new projects and changes adhere to Information Security policies and governance standards. Identify threats and vulnerabilities. Identify threats and vulnerabilities. Keep a technical industry awareness of security risks and exposures and proactively promote effective counter-measures. Configure appropriate security parameters in monitoring systems and act as a technical point of escalation for any alert issues. Perform document reviews and privileged account reviews. Should have 3 years of experience working within Information Security infrastructure or vocation to move from another technical discipline; experience participating in resolving technical issues; experience in introducing Information Security improvement through effective deployment of technology and/or processes to move to a proactive footing in security management or demonstrating similar in a current technical discipline; ability to triage and remediate phishing and impersonation attacks in a timely and efficient manner as the risk dictates; experience working with a service management tool; working knowledge of Office 365 security & compliance center and Azure Active Directory to investigate risky sign-in/user alerts, and quarantined files/emails; working knowledge of endpoint security solutions and security infrastructure including EDR, vulnerability management tools, DLP solutions, and removable media encryption; working knowledge of cloud-based web and email filtering solutions such as Forcepoint, Zscaler, Mimecast, and Proofpoint; solid understanding of next-gen firewalls, IDS/IPS, SIEM, and networking experience is desirable; ability to learn quickly, solve problems and pragmatically address risk. Technical bachelor’s degree or equivalent IT / Information Security experience is preferred. Security-related certification e.g. CompTIA Security+, GSEC is preferred. A good understanding of security frameworks such as ISO 27001, NIST, and Mitre is preferred. Keen sense of responsibility, ability to set a professional example, and desire to adhere to defined security practices; strong technical security understanding; self-motivated and able to work calmly and methodically under pressure; excellent interpersonal skills, exceptional levels of personal integrity, and the ability to communicate clearly at all levels through reports, presentations, and forming effective matrixed relationships. Flexible approach to incorporate changing priorities. Cooperative, service-orientated, individual and established team worker, comfortable working in a geographically dispersed team; good judgment when it comes to confidentiality and sensitivity of information of which they may become aware through the course of their duties. Adaptable and keen to learn new skills.

Company info

Norton Rose Fulbright LLP
Fulbright Tower 1301 McKinney , Suite 5100
Houston
Texas
United States 77010-3095
Phone : 713-651-5423
Fax : 713-651-5246
Website : http://www.nortonrosefulbright.com