Cybersecurity Analyst

• Provide oversight and direction for the monitoring, interpretation, and assessment of security events generated by Firm security platforms, ensuring appropriate prioritization, escalation, and response to incidents.
• Conduct periodic, risk-focused reviews of the Firm's information security posture, including access controls and permission models, and recommend enhancements to improve security governance and reduce risk.
• Establish and enforce access governance standards by overseeing investigations of unauthorized or inappropriate access, directing remediation actions, and ensuring violations are properly documented and reported.
• Oversee the investigation and analysis of security alerts from endpoint protection, network security, and monitoring systems, ensuring alerts are appropriately triaged and addressed in accordance with Firm standards.
• Provide senior-level oversight of email security incident response, including phishing and malware investigations, remediation actions, and identification of systemic control improvements.
• Provide administration and strategic oversight of Microsoft Defender for Office 365, including policy design, tuning, threat investigation workflows, and continuous optimization to reduce phishing, malware, and business email compromise risk.
• Analyze Microsoft Secure Score and related security posture metrics to identify gaps, prioritize risk-based improvements, and lead remediation initiatives that strengthen the Firm's overall Microsoft 365 and Entra security posture.
• Maintain advanced knowledge of information security, risk management, and regulatory trends through ongoing professional development, industry engagement, and participation in relevant professional organizations.
• Serve as a key contributor to client-driven and regulatory security audits by overseeing the collection and validation of security control evidence and supporting responses to client data security assessments.

• Bachelor's Degree in Information Security.

• Relevant Cybersecurity certifications preferred (CISSP, CISA, CISM, etc.).

• Experience with security frameworks (e.g., ISO 27001) required.

• Experience managing Microsoft Defender for Office 365 - safe attachments, safe links, anti-phishing policies, spoof/intelligence protection, and threat hunting.

• Experience managing Security Email Gateways (Mimecast-preferred) - polices, mail flow, antispam/malware filters, reporting.

• Experience investigating and remediating email-based threats like phishing, business email compromise, ransomware, impersonation, and malware.

• Experience managing Endpoint Detection and Response platforms and performing alert triage, behavioral analysis, device isolation, threat hunting, remediation.

• Experience leading or contributing to full incident lifecycle - triage, containment, eradication, recovery.

• Experience with Security Information and Event Management (SIEM) concepts, threat intelligence, basic scripting, auditing, tuning.

Preferred Skills

• Knowledge of incident response methodologies.
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of adversarial tactics and techniques.
• Knowledge of cybersecurity, ethics and privacy principles, along with related regulatory requirements.
• Ability to collect and analyze data to guide decision making.
• Ability to analyze and categorize vulnerabilities in information systems.
• Ability to organize, standardize, and manage detailed information.
• Ability to work collaboratively and effectively in and between teams.
• Ability to prioritize, managing multiple competing work efforts.
• Strong interpersonal, collaboration, and conflict resolution skills. Ability to exercise strong judgment in analyzing, appraising, evaluating, and solving problems of a difficult procedural, organizational, administrative, or technical nature.

At Fisher Phillips, we recognize that exceptional talent is the foundation of our success, enabling us to deliver outstanding service to both our internal and external clients. Joining our team means collaborating in a professional yet dynamic environment that leverages cutting-edge technology. Our leadership is committed to fostering your professional growth and providing opportunities to challenge yourself in meaningful ways. We believe in rewarding talent with more than just a competitive salary. Our comprehensive benefits package includes health, dental, and vision insurance, a 401(k) with profit sharing, generous paid time off, and holidays. Your well-being is our priority. We offer 24/7 telehealth services, a variety of wellness programs, and additional optional benefits designed to support your unique lifestyle. At Fisher Phillips, you'll find a workplace that values your health, happiness, and continued professional development.

Fisher Phillips, a premier international labor and employment law firm, is seeking a skilled and experienced Senior Cybersecurity Analyst to join our team. In this essential role, you will contribute to the seamless operation of our services, providing crucial support to our department in delivering exceptional client service and maintaining our commitment to excellence.