Security Analyst

Crowell & Moring LLP is an international law firm with offices in the United States, Europe, MENA, and Asia that represents clients in litigation and arbitration, regulatory and policy, intellectual property, and transactional and corporate matters. The firm is internationally recognized for its representation of Fortune 500 companies in high-stakes litigation and government-facing matters, as well as its ongoing commitment to pro bono service and diversity, equity, and inclusion.The Security Analyst is responsible for supporting the monitoring and management of the Firm’s security infrastructure, including email security, firewall infrastructure, vulnerability detection and remediation, monitoring, log collection/correlation, and intrusion detection/prevention. The analyst works in a cross-functional team to monitor, analyze, and improve the security posture of the organization, including incident response, vulnerability management, compliance, and audit activities. The analyst will collaborate with other departments and IT teams to ensure robust protection of firm assets and data. The analyst reviews incident reports and notifications from non-compliant users and systems and acts based on judgement and compliance criteria to review reports and escalate findings. The analyst suggests improvements to detection criteria and maintains detection systems.Job ResponsibilitiesMonitor and respond to security events including potential policy violations, malicious activity and insider threats.Analyze and escalate incidents appropriately, ensuring timely resolution and documentation.Maintain and improve detection systems, including IDS, firewalls, endpoint protection, and phishing detection.Conduct comprehensive vulnerability scanning, detection, and remediation across the firm’s infrastructure, ensuring effective management and resolution of vulnerabilities.Ensure adherence to regulatory frameworks (NIST, HIPAA, FISMA, etc.) and internal policies.Support and manage client audit requests, produce evidence, and respond to audit requirements.Track and periodically validate application and data authorizations.Develop and maintain technical and non-technical metrics to substantiate the firm’s information security program.Use statistical methods and tools to model normal and abnormal system behavior.Suggest improvements to detection criteria and security controls.Participate in projects to implement, upgrade, or modify security systems and processes, completing special projects and other duties as assigned by the Information Security Manager.