Security Analyst

Crowell & Moring LLP is an international law firm with offices in the United States, Europe, MENA, and Asia that represents clients in litigation and arbitration, regulatory and policy, intellectual property, and transactional and corporate matters. The firm is internationally recognized for its representation of Fortune 500 companies in high-stakes litigation and government-facing matters, as well as its ongoing commitment to pro bono service and diversity, equity, and inclusion.

The Security Analyst is responsible for supporting the monitoring and management of the Firm’s security infrastructure, including email security, firewall infrastructure, vulnerability detection and remediation, monitoring, log collection/correlation, and intrusion detection/prevention. The analyst works in a cross-functional team to monitor, analyze, and improve the security posture of the organization, including incident response, vulnerability management, compliance, and audit activities. The analyst will collaborate with other departments and IT teams to ensure robust protection of firm assets and data. The analyst reviews incident reports and notifications from non-compliant users and systems and acts based on judgement and compliance criteria to review reports and escalate findings. The analyst suggests improvements to detection criteria and maintains detection systems.

Job Responsibilities

• Monitor and respond to security events including potential policy violations, malicious activity and insider threats.
• Analyze and escalate incidents appropriately, ensuring timely resolution and documentation.
• Maintain and improve detection systems, including IDS, firewalls, endpoint protection, and phishing detection.
• Conduct comprehensive vulnerability scanning, detection, and remediation across the firm’s infrastructure, ensuring effective management and resolution of vulnerabilities.
• Ensure adherence to regulatory frameworks (NIST, HIPAA, FISMA, etc.) and internal policies.
• Support and manage client audit requests, produce evidence, and respond to audit requirements.
• Track and periodically validate application and data authorizations.
• Develop and maintain technical and non-technical metrics to substantiate the firm’s information security program.
• Use statistical methods and tools to model normal and abnormal system behavior.
• Suggest improvements to detection criteria and security controls.
• Participate in projects to implement, upgrade, or modify security systems and processes, completing special projects and other duties as assigned by the Information Security Manager.

Knowledge, Skills and Abilities

• Demonstrated experience with monitoring and configuring SIEM platforms, EDR and Antivirus, IPS/IDS, and other security tools.
• Demonstrated familiarity with NIST, HIPAA, FISMA, and other regulations and frameworks.
• Demonstrated ability to take security framework compliance requirements and translate them into technical compliance settings and configurations.
• Demonstrated familiarity with vulnerability scanning technologies including treating false positives, tracking results, and troubleshooting systems.
• Understanding of administration of Windows-based operating systems and networks.
• Experience with security infrastructure (IDS, firewalls, endpoint detection, phishing detection, etc.).
• Understanding of Identity and Access Management technologies, especially in Software as a Service (SaaS) and cloud environments.
• Familiarity with statistical methods for modeling normal system behavior and describing abnormal behavior in a system.
• Demonstrated ability to work effectively in a team environment and manage multiple projects and shifting priorities.

Requirements:

Education

Bachelor’s degree in information technology, computer science or related field.  A combination of equivalent work experience and training/education can be substituted in lieu of a degree.

Certifications

The analyst should have at least one of the following: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), a SANS certification (GSEC, GCIH, GCWN, etc), a Cloud Security Alliance certification (CCSK, CCSP), or other similar certification. Other technical certifications are a plus.

Experience

A minimum of 4 years of progressive experience in security operations, audit, security management or insider threat detection. 

Crowell & Moring LLP offers a competitive compensation and comprehensive benefits package which includes progressive options such as backup child care, wellness programs, cultural events and social activities. We take great pride in our positive, friendly culture that rewards hard work and success, at the same time recognizing the importance of family and community service.

Our Firm is committed to fair and equitable compensation practice in accordance with applicable laws. The salary for this position is $110,000 - $160,000. Additional compensation may include a discretionary bonus. Other benefits include healthcare, vision, dental, retirement, and all-purpose leave. The salary for this position may vary based on location, market data, an applicant’s skills and prior experience, certain degrees and certifications, and other factors.

EOE m/f/d/v
Crowell & Moring LLP participates in the E-Verify program.