Information Security Analyst – for global law firm in Washington, DC. This position is part of the Information Security Governance, Risk, and Compliance Group and candidate will work closely with the Director to provide service ensuring compliance with information security policy and procedures. This position is responsible for maintaining continuous monitoring of activities while performing threat detection and remediation.
Perform technology risk assessment activities
Conduct information security training, awareness, and outreach activities.
Perform technology platform vulnerability scanning activities.
Prepare assessment report results reflecting vulnerability, compliance, and data risks identified.
Track resolution of identified information security issues.
Analyze audit logs for exceptions to policy.
Maintain inventory of exceptions to Information Security policy, standard, control, and configuration requirements for reporting to clients.
Assist with information security incident response activities.
Bachelor’s degree (computer science, information systems, or related) ideal
2+ years of experience in an information security professional role.
Knowledge of security issues, techniques, and implications across computing platforms.
Knowledge of ISO 27001:2013 control framework.
Experience with vulnerability scanning tools.
Knowledge of information security policy, standards, and industry best practices.
Strong interpersonal and written communication skills, professional attitude, and strong references.
Salary is commensurate with experience