Information Security Analyst

Insight Global
Philadelphia, United States of America
30 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Philadelphia, United States of America

Tech stack

Microsoft Windows
Amazon Web Services (AWS)
Azure
Cloud Computing Security
Collaborative Software
Computer Security
Information Leak Prevention
Document Management Systems
Digital Assets
File Transfer
Intrusion Detection Systems
Network Protocols
Phishing
Security Information and Event Management
Software Vulnerability Management
Scripting (Bash/Python/Go/Ruby)
Information Security Management System
Cyber Threat Analysis
Information Technology
Nessus
Splunk
Cisco networks
Qualys

Job description

Insight Global is seeking an IS Analyst to join the IT department of an AM 200 law firm. The Information Security Analyst plays a key role in protecting the firm's digital assets, client data, and case-related information by implementing and maintaining security controls in alignment with the ISO 27001 Information Security Management System (ISMS). The analyst will proactively monitor, detect, and respond to security threats; ensure compliance with legal industry data protection standards; and support ongoing risk and compliance initiatives. This role is essential for maintaining client trust, ensuring the confidentiality of privileged information, and meeting both ethical and regulatory obligations in the legal sector.

Essential Functions & Responsibilities:

Security Monitoring & Incident Response

-Monitor networks, systems, and endpoints for potential threats using SIEM, EDR, and IDS/IPS tools.

-Analyze security alerts, investigate incidents, and coordinate timely response and remediation.

-Conduct root cause analyses and prepare post-incident reports.

-Maintain and test the Incident Response Plan as part of ISO 27001 continuous improvement.

-Participate in legal hold or eDiscovery-related security reviews when required.

Risk Management & ISO 27001 Alignment

-Support the firm's Information Security Management System (ISMS) and contribute to maintaining ISO 27001 certification.

-Conduct periodic risk assessments, identifying potential threats to confidentiality, integrity, and availability of legal data.

-Document and monitor risk treatment plans and corrective actions.

-Participate in internal and external ISO audits by providing evidence and maintaining control documentation.

-Contribute to the ongoing maintenance of the Firm's risk register.

-Seek out opportunities for continuous improvement in processes and procedures.

Vulnerability Management & Threat Intelligence

-Perform regular vulnerability scans and coordinate remediation with IT and service providers.

-Monitor industry-standard threat intelligence sources, cybersecurity forums, and dark web feeds for emerging risks, vulnerabilities, and threat actor activities targeting the legal sector.

-Track and report vulnerabilities relevant to law firms, third-party vendors, and legal technology platforms (e.g., document management systems, case management tools).

-Track and report on patch-management activity to ensure it aligns with required standards.

-Stay informed on evolving attack vectors such as business email compromise, ransomware, and data exfiltration threats impacting professional services firms.

Governance, Policy, and Compliance

-Develop, maintain, and enforce security policies, procedures, and standards in accordance with ISO 27001 Annex A controls and policy lifecycle.

-Ensure adherence to data privacy laws (e.g., GDPR, CCPA) and client contractual obligations.

-Collaborate with legal teams to align information security practices with attorney-client privilege requirements and ethical obligations.

-Support third-party vendor risk assessments and due diligence processes.

Security Awareness & Continuous Improvement

-Support the firm's security awareness training program and conduct periodic phishing simulations.

-Educate staff on secure handling of confidential documents and client communications.

-Contribute to the continuous improvement cycle of the ISMS by identifying opportunities for control enhancement.

-Keep up to date with the latest developments in cybersecurity, privacy law, and ISO frameworks.

Access Control & Data Protection

-Manage and review access controls, ensuring least privilege and role-based access models are enforced.

-Monitor privileged accounts and perform periodic user access reviews.

-Work with IT to secure document repositories, collaboration tools, and cloud-based applications.

-Review and act as needed on data loss prevention alerts from various tools.

Requirements

Experience with ISO 27001, NIST CSF, or CIS Controls.

Proficiency with SIEM platforms (e.g., Splunk, Sentinel, LogRhythm).

Strong understanding of network protocols, IDS/IPS, and endpoint security.

Familiarity with vulnerability management tools (e.g., Qualys, Nessus) and ticketing workflows.

Knowledge of encryption, DLP, and secure file transfer solutions used in legal environments.

Understanding of cloud security concepts (Microsoft 365, Azure, or AWS).

Familiarity with scripting/automation tools and techniques.

Knowledge of EDR/XDR solutions and providers.

This is a full-time hybrid role, sitting 2 days in office each week in any of the firm's following offices: Baltimore, Boston, Chicago, Ft. Lauderdale, Harrisburg, Miami, Minneapolis, Newark, New York City, Philadelphia, Princeton, Wayne, PA, West Palm Beach, Wilmington, DE or Washington, D.C.

-Bachelor's degree in Information Security, Computer Science, Information Technology, or a related field. Equivalent experience considered.

-2-8 years of experience in information technology, information security, risk management, or compliance within a professional services or legal environment preferred.

Certifications (Preferred):

CompTIA Security+

Certified Cisco Network Associate (CCNA)

Systems Security Certified Practitioner (SSCP)

Certified Information Systems Security Professional (CISSP)
