Senior Information Security Analyst

Summary

The Senior Information Security Analyst is responsible for identifying, investigating, and addressing both internal and external threats. This position requires a deep understanding of various threats, attacks, and malware to develop effective detection and protection measures for the enterprise. The position will collaborate with the IT department to maintain security controls, which includes tuning detection systems, updating control policies, and automating processes.

Additionally, this role involves directly managing relationships with our security operations vendors and providing technical leadership and mentorship to a team of security analysts. This position plays a critical role in driving initiatives for advanced threat detection, incident response, and vulnerability management, which are vital for maintaining a proactive and robust security posture. The ideal candidate will combine extensive technical expertise in Security Operations (Sec Ops) with proven leadership skills, enabling them to enhance our security strategy and effectively respond to the evolving threat landscape.

This position can sit in our Washington DC, Atlanta, Austin, Baltimore, Chicago, or Northern Virginia office and offers a hybrid work schedule.

• Mentoring and guiding Information Security Analysts.
• Evaluating the effectiveness of and improving various information security program functions at the Firm.
• Reviewing Security Incident and Event Management (SIEM) systems, including regularly reporting metrics and summaries regarding ongoing investigations and ticket tracking.
• Performing alert triage, investigating and analyzing security incidents, identifying root causes, and developing appropriate mitigation strategies.
• Ensuring effective Endpoint Threat Detection, including EDR capabilities, traditional antivirus, asset management, and familiarity with baseline and configuration management tools.
• Managing Next Generation Firewalls and/or Intrusion Detection/Prevention Systems (IDS/IPS).
• Engaging in Threat Hunting and utilizing Threat Intelligence.
• Utilizing malware sandbox technologies and interpreting the results.
• Overseeing Incident Response tools, processes, and capabilities.
• Possessing experience or a deep understanding of vulnerability and configuration management.
• Conducting independent project work.
• Providing leadership to and managing a team of business professionals, coaching, mentoring and professional development.
• Providing performance feedback on a regular basis.

• Communication
  
  Skills:
  
  Proficient in both verbal and written communication, with the ability to convey technical information to non-technical audiences.
• Analytical
  
  Skills:
  
  Strong analytical abilities with a keen attention to detail, essential for identifying and addressing security events.
• SIEM Proficiency:
  Skilled in identifying, triaging, and analyzing security events using Security Information and Event Management systems.
• Incident Response Knowledge:
  Deep understanding of incident response processes and methodologies.
• Scripting
  
  Experience:
  
  Familiarity with scripting languages to automate security operations and enhance the incident response process.
• Attacker Methodology:
  Demonstrated understanding of the methodologies used by attackers, which supports proactive defense measures.
• Intrusion Detection:
  Solid grasp of intrusion detection systems, AI-based attack detection and prevention strategies, and SOC operations.
• Cloud Security:
  Knowledge of cloud infrastructure and security considerations in a cloud environment.
• Core Infrastructure Knowledge:
  Familiarity with core infrastructure components such as DNS, Active Directory, and Exchange.
• Security Tools
  
  Experience:
  
  Prior experience with security tools like Microsoft Defender, Crowd Strike, and Palo Alto Networks is desirable.
• Professional Services Background:
  Experience in professional services sectors such as legal, finance, or consulting is preferred.

• Bachelor's Degree in Information Security, Cybersecurity or similar fields.
• 7 years of experience working within the Cybersecurity field.

• Master's Degree in Information Security, Cybersecurity or similar fields.

• Professional‑level industry certification (e.g. CISSP, GIAC, SANS, etc.) preferred.

DLA Piper is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.