US Job Description
Firm Information
Reed Smith is a dynamic international law firm dedicated to helping clients move their businesses forward. With an inclusive culture and innovative mindset, we deliver smarter, more creative legal services that drive better outcomes for our clients. Our deep industry knowledge, long-standing relationships and collaborative structure make us the go-to partner for complex disputes, transactions and regulatory matters.
Our team of 3,000 people (including more than 1,600 lawyers) across more than 30 offices in the United States, Europe, the Middle East and Asia, operate as one global partnership to drive progress for our clients, for ourselves and for our communities.
Position Summary
Under supervision of the Security Manager, the Security Analyst will specialize in all aspects of information security and work closely with various Information Technology teams to ensure the infrastructure-encompassing networks, servers, workstations and telecommunications systems-meets stringent security and compliance standards as set by the firm, industry, and ISO 27001 requirements. The Security Analyst will play a key role in reviewing and securing infrastructure components, developing risk mitigation strategies, and contributing to enterprise-wide security projects. This position will also serve as a key resource for consulting on security matters, ensuring access controls are properly maintained, and addressing escalations related to security audits, incident responses, and internal security concerns.
The Security Analyst will function as an internal consultant and resource to others in the department as it relates to security of infrastructures, endpoints, and cloud environments. The Security Analyst will monitor the internal control systems to ensure that appropriate access levels are maintained and serve as a primary escalation point for all security related audit and incident response events as well as information security concerns or questions. The position will perform periodic technical and non-technical evaluation, based upon existing Reed Smith security policies and procedures and establish the extent to which an entity's security policies and procedures meet the necessary minimum requirements. The Security Analyst is a member of the Cybersecurity Incident Response Team (CIRT).
The position will also provide assistance of design, functionality, implementation and ongoing support of SIM/SIEM, SOAR,and EDR throughout the global enterprise. This may include system administration, troubleshooting, analysis, testing, research, training, problem solving, technical support, development, and testing/deployment of new applications, hardware, and systems. The Security Analyst will also Interface with internal and third-party incident responders as necessary to investigate and remediate incidents.
Job Duties and Responsibilities
- Incident Investigation and Response - Investigate and respond to escalated security incidents, focusing on complex cases that require in-depth analysis and remediation.
- Advanced Threat Detection - Perform advanced threat detection and response activities, identifying and mitigating sophisticated attacks such as advanced persistent threats (APTs).
- Proactive Threat Hunting - Proactively hunt for threats within the environment, using security tools and threat intelligence to detect anomalies before they escalate into incidents.
- Detection and Response Development - Develop and refine detection playbooks and response runbooks to streamline future incident response efforts.
- Forensic Analysis - Conduct forensic analysis of compromised systems, identifying the root cause of incidents and gathering evidence for further investigation.
- Cyber Defense Strategy - Build and enhance the organization's cyber defense strategy by researching new threats, vulnerabilities, and mitigation techniques.
- Collaboration and Improvement - Collaborate with other teams to improve security processes, tools, and overall defense posture.
- Automation of Security Processes - Automate security incident detection and response processes to improve efficiency and accuracy.
- Emerging Threat Awareness - Stay current with emerging threats, security trends, and new technologies to ensure the organization is prepared to defend against evolving attacks.
- Internal Consulting - Act as an internal consultant for security matters, providing guidance and support to various departments regarding infrastructure, endpoint, and cloud security.
- Compliance Management - Assist in maintaining compliance with ISO 27001 standards, including periodic reviews and updates to security policies and procedures.
- Technical Evaluations - Perform periodic technical and non-technical evaluations based on existing security policies and procedures, assessing their effectiveness in meeting minimum requirements.
- Security Tools Management - Assist with the design, functionality, implementation, and ongoing support of LAN/WAN, remote access, IDS/IPS, PKI, SIM/SIEM, EDR, and unified threat management systems/tools/devices.
- Collaborates with other teams to provide training on security best practices and awareness, fostering a culture of security within the organization.
Job duties and responsibilities included are not exhaustive and may be supplemented as necessary. Reed Smith reserves the right to revise or modify job duties and responsibilities at any time.
Requirements
Education: Bachelor's degree in Computer Science, Business or Engineering; or equivalent work experience is required; CISSP certification or working toward CISSP certification desired.
Experience: Minimum of five years information systems experience, including at least one year of systems project management experience. Experience with security policies and procedures, awareness programs and IT audits preferred. Background in applying advanced IT security concepts and extensive understanding of contemporary hardware and software architectures in a multi-site mission critical environment. Background or experience with the legal professions a plus.
Must have understanding and working knowledge of operating system security, encryption technologies, forensics analysis, penetration testing and vulnerability/risk assessment.
Skills: Must be an intelligent, articulate, and persuasive leader who can serve as an effective member of the team and who is able to communicate security-related concepts to a broad range of technical and non-technical staff. Should have experience with disaster recover and business continuity and risk management. Must have a solid understanding of information technology and information security policies and procedures. Knowledge of management information systems terminology, concepts, and practices. Knowledge of industry program policies, procedures, regulations, and laws. Skill in collecting and analyzing complex data, evaluating information and systems, and drawing logical conclusions. Skill in information security audit planning and project management, and in maintaining composure under pressure while meeting multiple deadlines. Ability to work independently under general supervision with considerable latitude for initiative and independent judgment. Skill in negotiating issues and resolving problems.
Other
Supervisory Responsibilities: None
Equipment To Be Used: Information security management software and hardware, computer and other office equipment such as telephone, typewriter, calculator, fax machine, duplicating machine, etc.
Essential Job Functions:
- Manual dexterity sufficient to operate standard office machines.
- Communicate with various personalities at all levels.
- Capacity to organize and prioritize workload and remain flexible in an environment of changing priorities while staying calm under pressure.
- Ability to grasp and apply new ideas.
- Make judgment decisions and adapt to changing work situations.
- Able to respond to changing priorities and in high-pressure situations
Working Conditions: Works remotely. Occasionally called upon to work hours in excess of your normal daily schedule. Potential for in-office work requests as needed, so proximity to the office is important.
Benefits Package Overview:
- 401k Plan
- Medical
- Health Savings Account
- Virtual Health
- Dental
- Vision
- Accident
- Hospital indemnity
- Critical illness
- Life insurance
- Short term disability
- Long term disability
- Flexible Spending Accounts
- Lyra Health EAP
- Paid Family Leave
- College Savings Plan
- Transportation benefit
- Back-up Child Care
- College Coach
- Pet insurance
- Paid sick time
- Vacation time
Reed Smith offers a challenging work environment, business casual dress code and a total compensation package that includes a competitive salary, flexible benefits program, tuition assistance, and generous 401 (k) plan.
Reed Smith is an Equal Opportunity Employer. Reed Smith's success depends heavily on the effective utilization of qualified people, regardless of their race, ancestry, religion, color, sex, age, national origin, sexual orientation, gender identity and/or expression, disability, veteran's status, or any characteristic protected by law. As a firm, we adhere to and promote equal employment opportunity for all.
Reed Smith provides reasonable accommodations for persons with disabilities, including in the application and interview process.
Qualified candidates only. No search firms.