Director, Information Security
Monday through Friday, 9:30 am – 5:30 pm weekends and after-hours availability at times.
Davis Polk & Wardwell LLP, is looking for a dynamic Senior information security analyst that will be a major contributor.
The ideal team member will be a motivated individual who would like to work on a diverse set of security-related projects and operational responsibilities.
This position requires a hands-on security practitioner who understands how to monitor for, identify, investigate and respond to suspicious activity using best-of-class tools as well as understanding how those tools work.
This is not in any way an auditor position.
Typical responsibilities include, but are not limited to, the following:
- Perform routine vulnerability management process and remediation process.
- Monitor and identify appropriate opportunities to optimize the performance and status of all cyber-security systems.
- Participate in the timely root cause analysis, handling, and resolution of security incidents.
- Work with various teams to ensure that security systems are working operationally and security systems functionality is optimal.
- Perform routine resolution of security request and event analysis.
- Utilizing advanced software and hardware tools, identify and diagnose problems affecting network security and/or presenting security risk.
- Perform internal vulnerability assessments.
- Assist in security compliance efforts.
- Work closely with the various technology teams in a collaborative culture representing operational and security standards.
- Assist in security project implementation from conception, design, testing and implementation.
- Contribute to long term security design strategy and roadmap, core security architecture, and documentation.
- Seek to identify and recommend processes to further optimize the delivery and value of Cyber security services to the firm.
- 5 or more years required of combined IT and security work experience (at least 3 of those years security specific) with a broad exposure to infrastructure/network and multi-platform environments (Windows & Linux).
- MUST HAVE: Direct hands-on working knowledge with a variety of Security tools including but not limited to Firewall, VPN, SIEM, IDS/IPS, EDR, Web Application Firewall, malware analysis and protection, content filtering, logical access controls, DLP, Sniffers, content filtering technologies, vulnerability scanners, forensics software, and security incident response.
- Solid understanding of standard business processes including Change Management, Problem Management, Work Prioritization, Quality Assurance, and Continuous Improvement best practices.
- Experience in using scripting languages to automate tasks and manipulate data is a plus.
- Self-motivated to be well informed of emerging security products, services, and standards with the goal of recommending appropriate tech and processes that move forward the continuous improvement of the firm’s security posture.
- Ability to work in a fast-paced complex environment; ability to multi-task, change direction, effectively prioritize, and meet deadlines.
- A commitment in being a motivated part of a dynamic forward-thinking team, with the ability to work effectively and optimistically with both local and remote staff, teammates and managers.
- Strong verbal and written communication skills.
- Ability and desire to share appropriate knowledge and experience with others.
- Bachelor’s degree in Computer Science, Information Technology or a closely related discipline is preferred but not a necessity for a candidate with extensive experience.
- Security related certifications are a plus. SANS certifications a big plus.
The expected base salary for this position ranges from $170,000 - $185,000. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, anticipated assignment, and, where applicable, licensure or certifications obtained. Market and organizational factors are also considered. Davis Polk offers a competitive salary and comprehensive benefits package.