What are the responsibilities and job description for the Senior Cybersecurity Analyst (Minneapolis, MN; Denver, CO; Salt Lake City, UT; Phoenix, AZ) (#3903) position at Dorsey & Whitney LLP?
We are seeking a Senior Cybersecurity Analyst in our Firm-wide Information Systems department. In this role, you will be primarily responsible for the health, operational effectiveness, and efficiency of the security systems that support the monitoring, detection, and incident response functions within the Firm’s information security program. You will play a key role in advanced or third-level troubleshooting of security events, incidents, and infrastructure events, as well as in communicating the status of ongoing security incidents, metrics, and other trends to leadership.
Additional Responsibilities Include
- Understand Dorsey core business activities and deploy information security solutions specialized to protect these activities.
- Maintain the operational effectiveness and efficiency of Information Security tools such as Enterprise Syslog Servers, Intrusion Detection and Protection Systems (IDS/IPS), Microsoft Sentinel SIEM, CASB, and other security tools, keeping systems and versions at current releases, maintaining backups, and partnering with Infrastructure teams as appropriate.
- Implement, maintain, deploy, and monitor the SIEM, IDS/IPS, CASB, XDR/EDR Agents, and Syslog Servers feeding the SIEM, along with other security monitoring solutions, to ensure the system health, completeness, and effectiveness of security monitoring.
- Create new SIEM detections aligned with the MITRE ATT&CK framework and recommend SIEM, CASB and other security tool improvements to leadership. Lead the team in researching and leveraging intelligence sources to improve security alert, event, and incident detection and response capabilities.
- Lead the security team in maintaining and improving secure and resilient cloud and on-premises monitoring processes and procedures, including the Incident Response Plan, IR playbooks, Operations playbooks, communications plans, threat hunting, SOC metrics, KPIs, and service level objectives for security events and incidents.
- Automate repetitive tasks within the SOAR environment using ML/AI to drive efficiencies, enabling focus on more-advanced tasks.
- Refine, update, and maintain playbooks, policies, procedures, Information Security Standards and Guidelines and align with industry best practices.
- Coordinate activities and escalations with Dorsey Information Security managed security service providers (MSSP).
- Examine log source data across endpoints, databases, applications, identity management, networks, mobile devices, and cloud. Provide expert analysis of logging, malware, or other malicious activity on Firm systems.
- Recommend adjustments to security tool configurations to minimize false positives. Provide recommendations for improving monitoring, logging, identity management, data protection, detection, and preventative controls.
- Work with platform or business owners to identify security improvements, monitoring, and remediation efforts requiring attention after security assessments.
- Maintain strong partnerships with security engineering, incident response, infrastructure, and IT teams to improve monitoring, workflow, and response capabilities.
- Serve as third-level triage support for cybersecurity, information security event, and incident response tickets, mentoring junior Security Operations Center (SOC) staff and leading on the more difficult security alerts, events, and incidents.
- Participate in rotating after-hours, weekend, and holiday on-call schedule for escalation of security issues.
- Assist with security standards and security configuration baselines and updates for systems and business applications.
- Serve as a member of the information security change management team.
- Attend and participate in regular technical and non-technical project and implementation meetings, serving as the security consultant to help guide secure application and infrastructure configurations, provide information security oversight, and ensure policies, procedures, and standards are met.
- Assist internal and external auditors with compliance and risk assessments if needed.
- Upon request, work with the SOC Manager to report on the state of the SOC to Information Security Director and stakeholders.
- May be requested to perform other analyst duties not listed above.
- High School diploma or G.E.D. equivalent and some post-secondary coursework and/or equivalent experience.
- At least 5 years of information security/SOC experience (or combination of 3 to 5 years of IT system administration with security, in a security operations center or an incident response role).
- Ability to create detections aligning with the MITRE ATT&CK framework.
- Expertise in incident response, system monitoring, and analysis. In-depth knowledge and expertise with SIEM, IDS/IPS, web proxies, EDR, XDR, CASB, DNS security, sandboxing, and firewalls.
- Expertise in analyzing and inspecting log files, network packets, and other security tool information outputs from multiple system types.
- Expertise in multiple computing platforms, including Windows, OSX, Linux, Unix, networks, and endpoints.
- Strong knowledge of Information Security, Incident Management, Security Monitoring, Threat Intelligence, Incident Response, and Risk Classification functions.
- Experience with technical analysis of email headers, links, and attachments to determine if an email is malicious, and then executing the appropriate remediation techniques to protect the environment.
- Strong interpersonal and collaborative communication skills. Ability to weigh and communicate business needs and costs against security concerns and articulate issues to management.
- Demonstrated technical knowledge through experience or certification(s).
- Ability to effectively multi-task, prioritize, and work calmly under pressure and with tight deadlines; trustworthy, acts with integrity, curious, and adaptable.
- Excellent problem-solving abilities, an analytical mindset, and attention to detail. Stays current with the evolving threat landscape.
- Team oriented and skilled in working in a collaborative environment with the ability to clearly and concisely document and explain technical details (e.g., experience documenting incidents, technical writing, etc.).
- Microsoft Azure Microsoft Sentinel SIEM experience of two years (or similar SIEM experience).
- Microsoft Defender Endpoint Admin experience of two years (or similar EDR).
- Microsoft Defender for Server Admin experience of two years (or similar EDR).
- Microsoft CASB Admin experience of two years (or similar CASB).
- Identity and Access Management tool admin experience of two years: Microsoft Entra ID, Microsoft Active Directory (or SailPoint, CyberArk, Oracle).
- Advanced Windows and Linux operating system skills.
- Advanced HPE Intrusion Detection System Administration skills (or similar SD-WAN IDS skills).
- Proficient in scripting languages such as PowerShell, Python, and skilled in using KQL.
- Bachelor’s degree.
- Experience with ISO 27001:2022 compliance requirements.
- SANS GSEC, GCIA (and related), CISSP, CCSP (a plus).
Dorsey & Whitney is an AmLaw 100 international law firm with more than 575 lawyers in 21 offices throughout the United States, Canada, Europe and Asia. We are a premier legal counselor to companies worldwide in a wide range of industries, including banking & financial institutions; development & infrastructure; energy & natural resources; food, beverage & agribusiness; healthcare & life sciences; and technology.
Dorsey offers opportunities for advancement within a collaborative and dynamic environment, with competitive pay and excellent benefits. Our benefits are available to business professionals working 17 hours/week along with their dependents, including spouses and domestic partners regardless of gender. Dorsey’s benefit package includes: comprehensive medical insurance with coverage for infertility, gender-affirming care, behavioral health, and access to virtual providers; dental insurance; vision insurance; 401(k) retirement savings plan with Firm contribution; basic and optional life insurance; short and long-term disability; paid time off; up to 8 weeks of paid parental leave with up to an additional 6-8 weeks of paid short-term disability for business professionals who give birth; paid holidays; paid volunteer day; discretionary bonuses (if bonus eligible); adoption assistance; healthcare, dependent care, and transportation pre-tax reimbursement accounts; back-up child and elder care program; education and college advising program; virtual tutoring; wellbeing programs and activities; mass transit program (certain offices); travel assistance program; 24/7 employee assistance program with access to five confidential visits with a licensed counselor at no cost. (Some benefits are subject to eligibility criteria.)
Dorsey values the strength that comes from a diverse and inclusive workplace. It contributes to the success of our people and our clients and enriches our experience. We believe that everyone should feel at home and part of our community. We encourage individuals with diverse backgrounds and experiences to apply.
One of our greatest strengths is a friendly, cooperative culture that values and appreciates each individual. Dorsey has received external recognition for our welcoming workplace, including:
- Mansfield Certification Plus (Diversity Lab)
- Best Law Firms for Women (National Association of Female Executives and Flex-Time Lawyers)
- 100% rating on the Corporate Equality Index (Human Rights Campaign)
- Gold Standard Certification (Women in Law Empowerment Forum)
- Top 100 Adoption-Friendly Workplace (Dave Thomas Foundation for Adoption)
Dorsey is committed to providing disability and religious-based reasonable accommodations, as well as menopause, pregnancy or lactation-related reasonable accommodations. If you require a reasonable accommodation during the application and hiring process, or if you have questions about a workplace reasonable accommodation, please contact us at 612-492-5178.
How To Apply
Dorsey & Whitney LLP accepts online applications. Please go to the “Careers” section of the Dorsey website at www.dorsey.com/staffjobs and complete Dorsey’s online application form. We are unable to accept application materials by mail or email.
Dorsey & Whitney LLP is an EEO/AAP/Disabled Vets Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, ancestry, sex, national origin, sexual orientation, gender identity, affectional preference, disability, age, marital status, familial status, status with regard to public assistance, military or veteran status, or any other legally-protected status.
Dorsey & Whitney LLP participates in E-Verify.
The pay range for this position in Minnesota and Colorado only is an annual salary of $96,000 to $118,000.
This range represents Dorsey’s good faith estimate of likely compensation at the time of posting. Actual pay will be dependent upon a number of factors, including the candidate’s experience, qualifications, skills and location and may fall outside of the range indicated.
Applications will be accepted through February 25, 2025.
Please note that Dorsey is not currently accepting search firm submissions in connection with this opening.
Office Location:
Minneapolis, MN
Denver, CO
Salt Lake City, UT
Phoenix, AZ
Salary: $96,000 - $118,000