Security Analyst

With 12 offices across the United States, 450+ professionals, and 350+ business professionals, Manatt, Phelps & Phillips, LLP ([www.manatt.com](http://www.manatt.com)), is a multidisciplinary, integrated national professional services firm known for quality and an extraordinary commitment to clients. The Firm’s groundbreaking approach—bringing together legal services, advocacy, and business strategy—differentiates Manatt from its competitors and positions the Firm to provide a distinct and compelling value proposition.

We currently have an opportunity for a Security Analyst to join our IT Security team. A Security Analyst is a hands-on technical role responsible for assisting in the maintenance of an organization's security systems, including monitoring security alerts, identifying vulnerabilities, conducting basic security assessments, and supporting the security team in incident response activities, while learning advanced security concepts and best practices under the guidance of senior engineers.

Responsibilities:

• Security Monitoring: Daily hands-on to help identify, analyze, and mitigate threats to internal IT systems and/or networks. Perform threat hunting and log review to identify indicators of compromise in logs and alerts from various security tools (firewalls, intrusion detection systems, SIEM). Analyze suspicious activity and investigate potential security breaches. Escalate critical security issues to senior engineers.
• Adjusting email and web filtering tools to help reduce malware and phishing attacks. Configure and troubleshoot security infrastructure devices such as intrusion detection systems and antivirus software.
• Vulnerability Management: Perform vulnerability scans on systems and networks to identify potential weaknesses. Analyze scan results and prioritize vulnerabilities based on risk level. Participate in remediation efforts by coordinating with system owners to patch vulnerabilities under the guidance of senior engineers.
• Security Policy Implementation: Participate in the enforcement of security policies and procedures. Ensure compliance with industry security standards and regulations. Ensure proper usage of an elevated account and the responsibilities.
• Adhere to stringent security standards, policies, and procedures for IT infrastructure and third-party vendors, ensuring alignment with both the overall business and technology strategies. Prepare and maintain documentation for standard operating procedures and security protocols.
• Provide support, administration, and maintenance necessary to ensure effective and efficient IT system performance and security. Work closely with our IT teams and other stakeholders to ensure security measures are understood and implemented effectively. Support other teams and management with security concerns.
• Security Assessments: Conduct security assessments on new systems and applications.
• Assist with penetration testing activities. Assist with the penetration strategy and testing by working with approved external security vendors to conduct penetration and vulnerability testing. Regularly perform security audits to identify vulnerabilities and ensure compliance with security policies.
• Incident Response: Participate in incident response activities by assisting with containment, eradication, and recovery procedures. Document and report on security incidents in close collaboration with senior engineers.
• Technical Skills Development: Stay updated on the latest cybersecurity threats and vulnerabilities. Participate in the legal security community and information security feeds. Learn about security tools and technologies like advanced firewalls, intrusion detection systems, SIEM, and vulnerability scanners. Demonstrate and further develop proficiency in scripting languages for security automation. Retain and acquire additional security-related certificates.

Qualifications:

• BA/BS Degree or higher in an Information Systems discipline
• Knowledge of ISO 27001 preferred
• Security certifications from ISC2, GIAC, CompTIA, and others.
• Knowledge of security principles and best practices
• Understanding of IT Security in a Microsoft environment
• Understanding of network protocols, firewalls, VPNs, and intrusion detection/prevention systems.
• Knowledge of encryption algorithms and secure communication methods.
• Knowledge of Email Security and web browsing security tools.
• Experience with security tools such as antivirus software, SIEM (Security Information and Event Management) systems, and vulnerability scanners.
• Knowledge using SAML/ADFS/MFA
• Must be proficient with Microsoft Office
• Must have excellent oral and written communications skills
• Must be able to interface with all levels of firm management and staff
• Must be able to work with limited supervision
• Must have the ability to work independently as well as thrive in a team-oriented environment.
• Must be able to commute to office location Tuesday through Thursday weekly.

The base annual pay range for this role is $75,000 - $90,000. The base pay to be offered will vary and depend on skills and qualifications, experience, location and will also take into account internal equity. A full range of medical, financial and/or other benefits dependent on the position will also be offered.

EEO/AA EMPLOYER/Veterans/Disabled

Manatt is an equal opportunity employer, dedicated to a policy of non-discrimination in employment on any basis including race, color, physical or mental disability, religion, creed, national origin, citizenship status, ancestry, sex or gender (including gender identity, gender expression, status as a transgender or transsexual individual, pregnancy, childbirth, or related medical conditions), age (over 40), genetic information, past, current, or prospective service in the uniformed services, sexual orientation, political activity or affiliation, genetic or and any other protected classes or characteristic protected under applicable federal, state, or local law. Consistent with the American Disabilities Act, applicants may request accommodations needed to participate in the application process.

This employer will provide the Social Security Administration  (SSA) and, if necessary, the Department of Homeland Security  (DHS), with information from each new employee’s Form I-9 to confirm work authorization.

IMPORTANT: If the Government cannot confirm that you are authorized to work, this employer is required to provide you written instructions and an opportunity to contact SSA and/or DHS before taking  adverse action against you, including terminating your employment. 

Employers may not use E-Verify to pre-screen job applicants or  to re-verify current employees and may not limit or influence the  choice of documents presented for use on the Form I-9. In order to determine whether Form I-9 documentation is valid,  this employer uses E-Verify’s photo screening tool to match the photograph appearing on some permanent resident and employment authorization cards with the official U.S. Citizenship and Immigration Services’ (USCIS) photograph. If you believe that your employer has violated its responsibilities under this program or has discriminated against you during the verification process based upon your national origin or citizenship status, please call the Office of Special Counsel at 1-800-255-7688 (TDD: 1-800-237-2515).