Security Analyst
Date: March 13, 2025
Bond, Schoeneck & King, PLLC, a law firm of 300 attorneys in over 30 practice groups, is accepting applications for a full-time Security Analyst to support our Information Technology Department. This position will defend our systems against unauthorized access, data modification, and destruction. This is a hybrid opportunity that can be based out of the following office locations: Buffalo, NY, Albany, NY, Syracuse, NY, White Plains, NY, or Long Island, NY. This role includes monitoring, analyzing, and responding to security incidents, and implementing preventive measures.
Position Responsibilities
- Monitoring and Analysis: Continuously monitor security alerts and events using the firm’s cybersecurity tools and platforms. Analyze potential security incidents to determine their impact and severity.
- Incident Response: Assist in the identification, containment, and mitigation of cybersecurity incidents. Escalate incidents to IT Security Engineer and provide detailed documentation of the incident.
- Asset Management: Assist in maintaining a thorough inventory of the firm's connected devices and systems.
- Threat Intelligence: Gather and analyze threat intelligence from various sources. Identify emerging threats and vulnerabilities that could impact the firm’s information systems.
- Vulnerability Management: Assist in the regular assessment of systems and applications to identify security vulnerabilities. Work with IT teams to remediate identified vulnerabilities.
- Access Control: Assist in monitoring and managing access controls to ensure only authorized personnel have access to sensitive information. Assist in conducting periodic reviews of access permissions.
- Security Awareness: Support the development and delivery of security awareness training programs for employee. Promote a culture of security within the firm.
- Documentation: Assist in maintaining accurate and up-to-date documentation of security policies, procedures, and incidents. Provide reports to management as required.
Job Requirements
- Bachelor’s Degree or equivalent experience required
- 8+ years’ related cybersecurity experience
- Proficiency in using cybersecurity tools such as SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection System/Intrusion Prevention System), EDR (Endpoint Detection and Response), and vulnerability scanners.
- Proficiency in information security frameworks, including ISO 27000, NIST, or COBIT.
- Knowledge of security standards such as HIPAA, NIST, PCI, SOX, DFARS, FISMA, NYDFS, and others.
- Exceptional troubleshooting and communication skills
- Self-motivated with a strong work ethic and high attention to detail
- Ability to prioritize multiple tasks and be responsive to requests
- Strictly adhere to the firm’s change management and other operational policies
- The ability to dynamically adjust the transfer of knowledge to co-workers as well as end-users in terms to which they understand
At Bond, exceptional work product and a collegial work environment are cornerstones of our success. We are committed to the communities in which we live and work. Bond has long recognized the value, both to its team and to our communities, of active participation in and support of charitable, governmental, professional and community-based organizations.
This position's salary range is between $95,000 to $105,000, negotiable based on years’ experience.
Bond’s offer of employment are contingent on:
- Completion of a satisfactory conflicts check
- Completion of a satisfactory background check
Bond, Schoeneck & King PLLC provides all employees and applicants an equal employment opportunity in the manner required by law in all aspects of employment regardless of race, color, religion, creed, national origin, age, sex, sexual orientation, gender identity or expression, marital status, military status, disability, predisposing genetic characteristics, domestic violence victim status or any other status protected by local, state or federal law. We thank all applicants for their interest and will contact those candidates who are under consideration.
