Information Security Analyst

Job Summary

Kutak Rock seeks an Information Security Analyst to join its Cybersecurity team. This position supports the Director of Cybersecurity, Information Security Management Team (ISMT), and Information Technology (IT) department in implementing and maintaining secure configurations, procedures, and strategies that align with the Firm’s business goals and client and regulatory requirements. This position will focus on mitigating technical risks, maintaining critical security systems, and assist with identifying and responding to security incidents while working in a collegial and collaborative environment.

This is a full-time position that offers a hybrid work option in one of the following firm offices: Atlanta, GA; Denver, CO; Fayetteville, AR; Irvine, CA; Little Rock, AR; Los Angeles, CA; Kansas City, MO; Minneapolis, MN; Omaha, NE; Philadelphia, PA; Richmond, VA; Rogers, AR; Scottsdale, AZ; Spokane, WA; Springfield, MO; Tallahassee, FL; or Washington D.C. This position may be able to convert to a remote position after introductory period.

This position will close 2 weeks from the date of posting, May 6, 2025. Applications after the close date will not be considered.

Responsibilities

• Work with system owners to analyze, design, and help implement secure system configurations, processes, and features in support of the Information Security Management System (ISMS)
• Perform vulnerability/risk analysis of computer systems, software, and applications
• Manage and maintain Firm systems and processes to monitor, alert, and ensure that only approved applications and executables are executed within the environment
• Establish security metrics to baseline, monitor, and report on security effectiveness and progress in areas of responsibility
• Document, track, respond, and escalate incidents that may cause ongoing and immediate impact to the firm
• Analyze log files from a variety of sources to identify possible threats to system security
• Identify, investigate, and remediate threats, suspicious and malicious activity, coordinating response as necessary
• Assist in the identification and acquisition of new information security products and services
• Work with vendors to facilitate security projects
• Gather and analyze information on emerging cyber threat, information security trends, technologies, and related regulatory issues.
• Communicate relevant information to the Director of Cybersecurity, ISMT, IT leadership, members of IT staff and others, as appropriate
• Make recommendations for improving the security posture across the enterprise
• Promote data security awareness within the IT Department and across the Firm
• Participate in the maintenance of the Firm’s Disaster Recovery and Business Continuity Plan
• Ensure all security standards and procedures are kept current
• Excellent interpersonal communications skills to interact with executives and all employees
• Travel to offices and work extended hours when necessary (10%)
• Perform other related duties as assigned

QUALIFICATIONS: Skills and Abilities

• Demonstrated knowledge of vulnerability management in an enterprise information security environment
• Ability in documenting, implementing, and managing an enterprise information security infrastructure
• Advanced knowledge of security and security related tools and technologies including: Windows Operating System; IDS/IPS; SIEM; Web Proxy; Encryption; Firewalls; Patch management; Vulnerability Scanning & Remediation; Penetration Testing; DLP; Secure Email Gateways; MDM; Account Management; Log Analytics; Two Factor Authentication; Single Sign On; Antivirus; TCP/IP; HTTPS; SSL; TLS; DNS; Advanced Endpoint Protection; Cloud Services; and Wireless systems
• Knowledge of methods for identifying and protecting networks against common and emerging security attacks and advanced persistent threats
• Knowledge of ISO 27001 security standards
• Knowledge of rules and regulations related to GLBA, HIPAA, Mass Privacy, etc.
• Exceptional customer service and responsiveness to both internal and external clients
• Strong organizational skills with the ability to manage priorities, meet deadlines, and collaborate with team members
• Effective verbal and written communication skills to compose outgoing notifications, technology communications, and executive level reporting and summaries
• Ability to analyze and prepare recommendations relating to security and compliance for existing and future IT architecture
• Ability to communicate security exposures, misuse or non-compliance situations to management

QUALIFICATIONS: Education and Experience

• High school degree or equivalent required, bachelor’s degree in computer sciences or related field preferred
• CISSP, SSCP, GIAC, or ECSA certification required
• 5 years’ experience in information technology operations which includes systems administrator responsibilities
• 3 years’ experience in information security
• Experience implementing, managing, and maintain Windows, Windows Server, or networking devices preferred

Position Information

Status: Exempt

Salary Range: $81,000-$110,000 per year, commensurate with education and experience

Work Arrangement: Hybrid in commutable distance in one of the following offices: Atlanta, GA; Denver, CO; Fayetteville, AR; Irvine, CA; Little Rock, AR; Los Angeles, CA; Kansas City, MO; Minneapolis, MN; Omaha, NE; Philadelphia, PA; Richmond, VA; Rogers, AR; Scottsdale, AZ; Spokane, WA; Springfield, MO; Tallahassee, FL; or Washington D.C. This position may be able to convert to a remote position after introductory period.

Benefits

Medical, Dental, Vision, Life, Dependent Life, Disability, and Accidental Death & Dismemberment insurance. Flexible Spending Plan. Health Savings Account. Profit-Sharing and 401(k) Retirement benefits. Discretionary bonuses. Nine Paid Holidays per calendar year. Nine hours of paid time off accrued each month. Paid parental leave. Fertility coverage assistance. Adoption and surrogacy financial assistance. Bereavement, jury duty, military leave. Employee Assistance Program. Back-Up Care. Domestic Partner Benefits. Commuting Benefits. Technology Allowance. Tuition Reimbursement. Employee Referral Program. Some of the foregoing benefits include Employer/Employee cost sharing.

Additional Information

Any offer of employment is contingent upon the successful completion of a background check.

California Applicants: Qualified applicants with criminal histories will be considered for employment in a manner consistent with the requirements of the Los Angeles Fair Chance Initiative for Hiring Ordinance (FCIHO).

About The Firm

Kutak Rock was formed in 1965 with a commitment to exceptional client service delivered with a collaborative, team-focused approach. Our founding charter commits the firm to “allow and encourage each individual within it to be a full person,” and we strive to offer an exceptional professional environment, intellectually challenging and engaging work in multiple disciplines, competitive compensation and benefits, opportunities for training and career development. We are a leading national law firm with locations in 19 cities united by our common commitment to our core values of client service; integrity and fairness; innovation; and inclusiveness and diversity.

We are dedicated to the maintenance of a respectful, collegial, communicative, and equal opportunity workplace that encourages and rewards innovation and entrepreneurship. We measure our success not just on the basis of our revenues or our profits, but by the satisfaction we deliver for our clients and the health, engagement and loyalty of our people.