Information Security Analyst - Ropes & Gray : Job Details

About Ropes & Gray:

Ropes & Gray is a preeminent, global law firm. The firm has been ranked in the top-three on The American Lawyer's prestigious A-List for seven years and is ranked #1 on Law.com International's A-List in the U.K. - rankings that honor the Best of the Best firms. The firm has approximately 2,500 lawyers and professionals serving clients in major centers of business, finance, technology, and government in Boston, Chicago, Dublin, Hong Kong, London, Los Angeles, New York, San Francisco, Seoul, Shanghai, Silicon Valley, Singapore, Tokyo and Washington, D.C. The firm has consistently been recognized for its leading practices in many areas, including asset management, private equity, M&A, finance, real estate, tax, antitrust, life sciences, health care, intellectual property, litigation & enforcement, privacy & cybersecurity, and business restructuring. Ropes & Gray is an equal opportunity employer.

Under direction of the Information Security Supervisor - Threat Hunting & Analysis, the Information Security Analyst is responsible for responding to events and alerts generated by information security technologies, user reported events and any activity, which is suggestive of a potential information security event/incident.

The Information Security Analyst is a hands-on technologist who is proficient in the use of information security technologies used in the investigation of information security events.

The scope of this position is firm wide and requires an understanding of all IT systems the firm uses and how they provide value to the business.

The Information Security Analyst works closely with other members of the Information Security Team in ensuring that the information security posture of the firm is maintained and takes a proactive approach in continually assessing the security of firm systems throughout their lifecycle, providing recommendations for enhancing security and adapting to new threats and vulnerabilities.

• Analyze and respond to security events found internally or via the firms Managed Security Service Providers
• Play a significant role in responding to and containing information security related incidents
• Review security context alerts and logs using the firms security information event management platform (SIEM) or other tools
• Serve as the initial point of contact for tickets assigned to the Information Security Team
• Promptly respond to requests for assistance from end-users and others
• Escalate security events/incidents according to defined workflow and in accordance with any relevant SLAs
• Thoroughly document the results of security event/incident investigations
• Adhere to relevant policies, procedures, standards and security good/accepted practices
• Resolve problems independently and understand escalation procedure
• Collaborate with vendors and other teams to configure and fine tune the threat intelligence platform according to the current threat landscape
• Develop custom searches, alerts, reports and dashboards
• Develop, schedule, and maintain threat hunting processes
• Maintain current security certifications and attend industry seminars and relevant continuing education events
• Performs other work-related duties as assigned

• Bachelor of Science in a technology related discipline or 3 years of relevant experience
• 1 - 3 years of experience in dedicated information security roles
• 3-5 years of experience in information technology in an area such as; networking, desktop engineering, programming, systems administration, help desk
• Strong critical thinking and problem solving skills
• Practical experience with TCP/IP networking concepts and protocols
• Significant experience with current Windows operating systems including; Active Directory, Authentication methods, Analysis & interpretation of event logs
• Practical experience using endpoint security solutions to identify and resolve events/incidents
• Practical experience using a SIEM platform for incident response and event analysis/log correlation
• Basic knowledge of networking technologies including; DNS, switching, routing and firewalls
• Excellent troubleshooting, problem solving, and verbal/written communication skills
• Ability to manage critical situations, and maintain solid relationships with colleagues and firm staff and attorneys
• Ability to anticipate problems, communicate them, and resolve if appropriate
• Ability to work independently and as part of a team
• Must have strong written/verbal communication skills
• Must be detail oriented with strong customer service skills
• Requires strong interpersonal and organization skills
• Take responsibility for customer satisfaction and overall success of managed services
• Interface with a variety of customers in a polite, positive, and professional manner
• Preferred candidate will have or be able to obtain one or more of the following certifications within their first year of employment: Security+, GSEC, GCIA, GCIH

ESSENTIAL CAPABILITIES:

• Ability to relate to non-technical users in user-friendly language
• Ability to understand or learn the technical implications of security threats
• Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a high-pressure environment
• Ability to gauge ones strengths and limitations
• Ability to deal with changes and adapt to a changing environment
• Must demonstrate the ability to maintain strict confidentiality of the firm's internal and personnel affairs
• Ability to work well with others, harness different skills and experience, and build a strong sense of team spirit
• Highly self-motivated and directed
• Ability to work in a multi-office environment and willingness to travel to other offices as required
• Ability to work effectively in a culturally and educationally diverse environment

Ropes & Gray is proud to offer a comprehensive Total Rewards package to our business support team members. The firm also offers comprehensive health and well-being benefits, personal and professional development, career growth opportunities and a collegial and supportive culture. The anticipated pay range for this role is $91,000 - $137,000 in New York and $86,500 - $131,000 in Boston, which represents our good faith and reasonable estimate of the starting salary range at the time of posting. In addition, this role is eligible for a discretionary bonus based on performance. The actual offered rate for this position will be determined based on job-related, non-discriminatory factors, including qualifications and experience, geographic location, education, external market data and consideration of internal equity.

This is a fully remote position.