drjobs Security Analyst

Security Analyst

Employer Active

1 Vacancy
drjobs

Job Alert

You will be updated with latest job alerts via email
Valid email field required
Send jobs
Send me jobs like this
drjobs

Job Alert

You will be updated with latest job alerts via email

Valid email field required
Send jobs
Job Location drjobs

Tampa, FL - USA

Monthly Salary drjobs

Not Disclosed

drjobs

Salary Not Disclosed

Vacancy

1 Vacancy

Job Description

At Morgan & Morgan the work we do matters. For millions of Americans were their last line of defense against insurance companies large corporations or defective goods. From attorneys in all 50 states to client support staff creative marketing to operations teams every member of our firm has a key role to play in the winning fight for consumer rights. Our over 6000 employees are all united by one mission: For the People.

Security Analyst This is an ONSITE ROLE

Tampa Florida United States

Summary

We are seeking a highly motivated and skilled Security Analyst to join our cybersecurity team. This role will support employees and partners in all time zones and may require off hours support. The successful candidate will be responsible for providing cybersecurity support via phone calls email and chat. The Security Analyst will respond to inquiries troubleshoot problems and provide resolution or escalation as required.

Responsibilities

  • Monitor Internal Security Systems: Actively monitor security alerts and events using the firms Security Information and Event Management (SIEM) platform analyzing data from Endpoint Detection and Response (EDR) Identity Threat Detection and Response (ITDR) Email Security Gateway(s) Identity and Access Management (IAM) systems Secure Web Gateway(s) (SWG) firewalls and other internal security tools.
  • Manage ThirdParty SOC Alerts: Receive acknowledge and validate security alerts and escalations from the firms thirdparty Security Operations Center (SOC) correlating external alerts with internal security telemetry (logs and events from SIEM EDR network identity systems etc. to confirm threats and initiate response.
  • Email Threat Analysis & Release (Primary Duty): Review and meticulously analyze emails quarantined by the firms email security systems upon user request for release. Assess legitimacy identify malicious indicators and make informed decisions to safely release or block messages.
  • Alert Triage & Correlation: Triage and analyze security alerts from internal systems and the thirdparty SOC. Correlate alerts across diverse systems including identity threats (from IAM and ITDR solutions) endpoint events (from EDR solutions) and network traffic (from SWG and firewalls) to identify attacks and policy violations.
  • Incident Handling & Response: Serve as a key member of the incident response team initiating response based on validated alerts. Utilize Security Orchestration Automation and Response (SOAR) platforms EDR capabilities and IAM systems for containment (e.g. disabling accounts isolating endpoints) eradication and recovery. Document all incident handling steps.
  • Incident Investigation: Conduct detailed investigations into security incidents leveraging data from SIEM EDR SWG IAM and other relevant security logs to determine scope impact and root cause.
  • Vulnerability Management Support: Analyze vulnerability data from the firms vulnerability management platform(s); assist in prioritizing and tracking remediation efforts with relevant IT teams.
  • Threat Intelligence Awareness: Stay informed about emerging cybersecurity threats and vulnerabilities relevant to the legal sector and the firms technology stack.
  • Collaborate for Security Enhancement: Partner with relevant IT teams (Infrastructure Networking Applications etc. and business departments to advise on and assist with the implementation of enhanced security controls configurations and processes across the firms infrastructure and applications.
  • User Interaction & Support: Assist employees and business partners regarding security inquiries or processes (like email release requests) via appropriate channels (email chat phone) in a timely and professional manner maintaining a high level of customer satisfaction.
  • Documentation: Maintain accurate and detailed documentation for security incidents investigations analysis decisions and procedures.
  • Perform other duties as assigned.

Requirements

  • Proven experience with core security technologies including Security Information and Event Management (SIEM) Endpoint Detection and Response (EDR) Email Security Gateways Secure Web Gateways (SWG)/Web Security Proxies Identity and Access Management (IAM) and Vulnerability Management tools in a midsize or enterprise environment. Strong familiarity with integrated enterprise security suites and cloudnative security tools is highly desirable.
  • Equivalent of 12 years of experience in a Security Operations Center (SOC) Incident Response or technical Helpdesk/Service Desk role with a security focus.
  • Fundamental understanding of networking concepts (TCP/IP DNS HTTP/S) and operating systems (Windows/MAC).
  • Basic knowledge of identity management concepts (e.g. Directory Services Cloud IAM).
  • Strong analytical and problemsolving skills with excellent attention to detail.
  • Ability to correlate security events from multiple sources.
  • Excellent communication skills (written and verbal) and professionalism.
  • Selfmotivated actionoriented and driven to learn continuously.
  • Must embody trust dignity integrity and accountability.
  • Ability and willingness to work hours aligned with supporting the Pacific time zone.
  • (Note: While specific certifications are listed as preferred holding relevant industry certifications demonstrates a strong foundational knowledge highly valued for this role.

Preferred Qualifications

  • Handson experience with SIEM platforms integrated EDR/ITDR/Email Security suites cloud IAM solutions and Secure Web Gateway technologies.
  • Experience analyzing quarantined emails and identifying phishing/malware indicators.
  • Experience responding to alerts from an MSSP or thirdparty SOC.
  • Experience with enterprisegrade vulnerability management platforms.
  • Familiarity with security frameworks such as NIST CISv8 or ISO 27001/27002.
  • A demonstrated commitment to continuous learning and staying current with evolving cybersecurity threats tactics techniques procedures (TTPs) and technologies.
  • Relevant cybersecurity certifications are highly preferred. CompTIA Security CompTIA CySA; Microsoft certifications like SC200 (Security Operations Analyst) or AZ500 (Azure Security Engineer); (ISC) SSCP; or equivalent practical experience will also be strongly considered.

Key Technologies Currently in Use

  • This section lists the primary tools currently deployed within our environment to fulfill the capabilities described above. While direct experience with these specific products is beneficial the core requirement is proficiency in the underlying security concepts and functions. This list may evolve as our technology stack changes.
    • SIEM / SOAR: Microsoft Sentinel
    • Endpoint Detection & Response (EDR): Microsoft Defender for Endpoint
    • Identity & Access Management (IAM) / Identity Threat Detection: Microsoft Azure Entra ID Microsoft Defender for Identity
    • Email Security: Microsoft Defender for Office 365
    • Secure Web Gateway (SWG): Zscaler Internet Access
    • Vulnerability Management: Microsoft Defender Vulnerability Management (among other potential tools)

#LIMB1

Benefits

Morgan & Morgan is a leading personal injury law firm dedicated to protecting the people not the powerful. This success starts with our staff. For fulltime employees we offer an excellent benefits package including medical and dental insurance 401(k) plan paid time off and paid holidays.

Equal Opportunity Statement

Morgan & Morgan provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race color religion age sex national origin disability status genetics protected veteran status sexual orientation gender identity or expression or any other characteristic protected by federal state or local laws.

EVerify

This employer participates in EVerify and will provide the federal government with your Form I9 information to confirm that you are authorized to work in the U.S. If EVerify cannot confirm that you are authorized to work this employer is required to give you written instructions and an opportunity to contact Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you including terminating your employment. Employers can only use EVerify once you have accepted a job offer and completed the I9 Form.

Privacy Policy

Here is a link to Morgan & Morgans privacy policy.


Required Experience:

IC

Employment Type

Full Time

About Company

Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.