Focused on employment and labor law since 1958, Jackson Lewis P.C.’s 1,000+ attorneys located in major cities nationwide consistently identify and respond to new ways workplace law intersects business. We help employers develop proactive strategies, strong policies and business-oriented solutions to cultivate high-functioning workforces that are engaged and stable, and share our clients’ goals to emphasize belonging and respect for the contributions of every employee.
The Firm is ranked in the First Tier nationally in the category of Labor and Employment Litigation, as well as in both Employment Law and Labor Law on behalf of Management, in the U.S. News - Best Lawyers® “Best Law Firms”.
Job Summary (basic description)
The Security Analyst is responsible for protecting the organization’s networks, systems, and applications from security threats. This role focuses on monitoring security alerts, leading breach investigations, application security testing, and supporting proactive defensive measures. The analyst will work closely with Security and IT team members to strengthen defenses, minimize risk, and maintain compliance with our standards.
Essential Functions
- Monitor and respond to security alerts, tickets, and escalations in a timely manner.
- Lead and support breach investigations, including root cause analysis and remediation coordination.
- Proactively perform threat hunting exercises to identify active but undetected threats before they cause harm.
- Review and respond to suspected phishing emails and other user-reported security concerns.
- Develop and tune detection rules to improve SOC response.
- Participate in an after-hours on-call rotation for critical incident response.
- Document incidents, root causes, and lessons learned; generate KPIs and security metrics for reporting.
- Perform web application scanning, identify vulnerabilities, and coordinate remediation with development teams.
- Collaborate with DevOps and engineering teams on secure software development (SDLC practices, OWASP, DAST/SAST/SCA).
- Administer and maintain extended detection and response (XDR) security solutions.
- Execute automated penetration testing and vulnerability assessments to identify weaknesses.
- Develop and carry out attack simulations, red team/purple team exercises, and adversary emulation scenarios.
- Assist in the creation and enforcement of security policies, procedures, and playbooks.
- Collaborate with cross-functional teams to embed security best practices in systems and applications.
- Collaborate with the risk management team to improve remediation timelines and practices.
Minimum Education/Experience
- 3+ years of experience in help desk, system administration, or a related IT role.
- 1-3 years of experience in cybersecurity operations, security monitoring, or penetration testing.
- Minimum 1 year of experience with scripting languages such as PowerShell, Python, and/or Bash.
- Minimum certifications: Security+, Network+, SSCP, or equivalent.
- Understanding of TCP/IP, DNS, HTTPS, and other core network protocols.
- Strong problem-solving skills, analytical thinking, attention to detail, communication skills, and the ability to work in a high-pressure environment.
- Proven experience leading incident investigations from identification through the lessons-learned phase.
- Experience analyzing logs from operating systems, firewalls, and security monitoring tools such as a SIEM.
- Familiarity with endpoint protection technologies.
- Good understanding of cloud technologies (SaaS, IaaS, PaaS).
- Ability to adapt to new role requirements and learn new technologies as requested.
Preferred Education/Experience
- Bachelor’s degree in Cybersecurity, Information Assurance, or a related technical discipline.
- 5+ years of experience in cybersecurity operations, security monitoring, or penetration testing.
- Highly preferred certifications: CISSP, CCSP, CPTS, SC-200, or equivalent.
- 3 years of experience with scripting languages such as PowerShell, Python, and/or Bash.
- 3 years of experience with Kusto Query Language (KQL) to write hunting and detection queries and analyze results.
- 3 years of experience with Microsoft cloud security technologies such as Microsoft Sentinel, Entra ID, and Defender XDR.
- 2 years of experience with application security testing, SDLC practices, and dynamic and static scanning tools such as Rapid7 AppSec.
- 2 years of experience developing red team/purple team exercises.
- Familiarity with regulatory and compliance frameworks (NIST, CCPA, HIPAA, PCI DSS).
- 2 years of experience with the vulnerability management lifecycle.
For New York City Metro area, the expected salary range for this position is between $108,900 and $124,700. The actual compensation will be determined based on experience and other factors permitted by law.
We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, national origin, gender, age, religion, disability, sexual orientation, veteran status, marital status or any other characteristics protected by law.