Information Security Analyst

Burr & Forman LLP has an immediate opening for a full-time, experienced Information Security Analyst. Preference is given to candidates who will be located in our Birmingham, AL office, but other locations in our footprint may be considered. The Information Security Analyst will be at the forefront of working with the most recent security issues, exploits, attacks, and other nefarious activities. This role will assist in maintaining audit and compliance activities to ensure that policies, standards, procedures, and audit activities align with business and regulatory requirements.

Burr & Forman enjoys a highly collaborative culture in a familiar environment where individual contributions are recognized and valued. Our clients have local, national, and international interests, and the work we do is interesting and important. If you're a service-minded professional with intellectual curiosity and excellent work ethic, please consider joining our team at Burr & Forman.

KEY CONTRIBUTIONS

• Engineer, implement, and monitor security measures for the protection of computer systems, networks, and information
• Validate the firm against policies, guidelines, procedures, and regulations to ensure compliance
• Perform threat hunting and investigations into potential threats based on log data and provide results of analysis to management
• Provide analysis and trending of security log data from a wide range of security devices
• Participate in disaster recovery and business continuity activities
• Participate in cyber incident tabletop exercises
• Function as the subject matter expert in the process of responding to, identifying, and mitigating security incidents
• Function as the subject matter expert for the security tools and platforms utilized by the firm (e.g. EDR, NAC, and DLP)
• Manage, perform, and report on security risk assessments and business impact analysis (BIA)
• Configure and troubleshoot security infrastructure devices
• Understand infrastructure, network, cloud, and desktop, as well as security regulations, requirements, and best practices
• Write comprehensive reports including assessment-based findings and outcomes, and propose further system security enhancement
• Perform Vulnerability Assessment and Penetration Testing (VAPT)
• Assist in planning, implementing, and documenting a secure network topology to meet business requirements
• Assist with the design of the security topology to meet Defense in Depth principles
• Assist with completing client security questionnaires and assessments
• Respond to internal and external inquiries to provide technical assistance and support
• Demonstrate a continuous effort to keep abreast of the information security industry by attending seminars, conventions, and demonstrations, and by reading appropriate technical manuals and industry publications

THE ESSENTIALS

EOE / M / F / Vet / Disabled

Burr & Forman is an equal opportunity employer and is committed to recruiting, hiring, developing, and promoting lawyers and staff without regard to age, race, color, religion, sex, national origin, military and protected veteran status, sexual orientation, gender identity or expression, transgender status, sex stereotyping, or disability.

Please view Equal Employment Opportunity, E-Verify, and other related posters at www.burr.com / careers / working-at-burr.

Equal Opportunity Employer / Protected Veterans / Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)