Information Security Analyst III

The Information Security Analyst III is a key member of the Security Operation Center (SOC) team who will be responsible for detecting and responding to security threats. The Information Security Analyst III will monitor and analyze events, identify potential security incidents, develop and enhance security controls, and ensure that appropriate actions are taken to protect the security of the organization's systems and data.

The Information Security Analyst III interprets stakeholder and client security needs, assesses requirements, and identifies appropriate solutions, while ensuring clear communication of timelines and delivery expectations. This position supports and participates in all aspects of the Information Security program, in order to continue to build both breadth and depth to his or her skillset.

• Function as escalation point for junior security analysts.
• Perform in-depth threat intelligence analysis (e.g., updated detection rules, IOCs) to find attackers, identify types of attack, and pinpoint systems or data impacted.
• Identify threats that have entered the network, and security gaps and vulnerabilities currently unknown.
• Perform system (e.g., endpoint security solutions, firewalls, SIEM, etc.) configurations and create rules for anomaly detection or visualizations.
• Represent IT Security on incident bridges or other security calls.
• Perform threat hunting and recommend optimization opportunities for security monitoring tools to improve threat hunting and identification efforts.
• Perform vulnerability assessments and penetration tests to identify weaknesses and provide data-driven remediation guidance to improve organizational resilience.
• Review alerts, threat intelligence, and security data.
• Monitor security events and logs from a variety of systems and networks.
• Identify and respond to potential security incidents and threats.
• Perform analysis and investigations with a variety of systems and network infrastructure devices, utilizing forensic data obtained from system logs, cybersecurity tools, and other data sources (e.g., threat intelligence, system logs, processes, malware files, threat intelligence, etc.).
• Assess impact and scope of incidents as they arise and coordinate escalation to other team members and other IT functions as appropriate.
• Proactively implement security controls to detect security events, harden information assets, and reduce cybersecurity risk, upon direction of the Security Operations Center Lead.
• Develop and document processes and procedures for responding to security incidents.
• Develop and maintain security incident response plans.
• Provide technical guidance, training, and support to other members of the security team.
• Continuously maintain an up-to-date knowledge of security threats, vulnerabilities, and countermeasures.
• Maintain expert-level knowledge of the operation and administration of cybersecurity applications used by the SOC.
• Maintain knowledgebase articles, policies, procedures, processes, and other security-related documentation.
• Generate reports to monitor cybersecurity risk.
• Share in the representation of IT Security in non-security IT projects.
• Identify, track, and oversee the mitigation of information security risks, internal, external and client audit findings, exceptions, waivers, and other security issues.
• Proactively engage with stakeholders and clients to identify security requirements and deliver tailored, mutually agreed-upon solutions that align with business needs.
• Apply knowledge of internal and external business issues and cybersecurity best practices to continuously improve security services and controls, with awareness of associated costs and resource implications.
• Contribute to the identification of cost-effective security solutions that balance risk reduction with operational efficiency.
• Develop and manage short-term work plans for security activities within the SOC, ensuring tasks are organized, prioritized, and completed in line with agreed targets and timelines.
• Perform any and all other duties as necessary and as assigned for efficient functioning of the Department, Office, and Firm.

• Bachelor's degree in computer science, Information Systems or other related security-focused field or equivalent work experience.
• Minimum of 3-5 years of experience in IT security, network security, or a related experience or field.
• High-level understanding of various IT Security standards and best practices (e.g., CIS baselines, NIST 800-53, ISO 27002 controls).
• High-level understanding of cyberattack methodologies and techniques, system vulnerabilities and common indicators of compromise, penetration testing and threat hunting techniques.
• High-level understanding of core security technologies like anti-malware, authentication, encryption, EDR, SIEM, and DLP.
• Working knowledge of network and security protocols including TCP/IP, SMTP, FTP, SSH, TLS, SSL, HTTP, IPsec and other VPN protocols.
• Experience with network, system, and application…