Information Security Specialist
: Job Details :


Information Security Specialist

TSR Consulting

Location: New York,NY, USA

Date: 2024-12-14T19:49:07Z

Job Description:
About TSR: TSR is a relationship-based, customer-focused IT and technical services staffing company. For over 40 years TSR, Inc. and its wholly owned subsidiary, TSR Consulting Services, have prospered in the Information Technology staffing business, earning the respect of companies both large and small with well refined candidate screening, timely placement, and a real understanding of the right skill sets required by our clients. Mission & Vision We do not believe in building a vision around the company but building a company around our vision, which is simply; Every employee's voice matters, their effort is appreciated, and their talent is rewarded. We challenge each employee daily, to raise the bar on how we treat our consultants and candidates. For far too long in this industry, candidates have been ghosted, lied to, or placed at a client and then forgotten about. Each day our staff works tirelessly at qualifying and placing, top talent with our clients, in a compassionate and caring manner. Not every candidate is a match for the job, but every candidate and consultant will be treated with respect and professionalism.Information Security SpecialistJob Description
  • Location: new york, New York
  • Remote: Remote
  • Type: Direct Placement
  • Job #81155
  • Salary: $175,000 Annually
Our client, a leading legal services company, is hiring an Information Security Specialist on a contract basis. Job ID #: 81155 Work Location: New York, NY (Remote Working Option) Summary: As an Information Security Specialist for the client, you will play a crucial role in reviewing new technologies, responding to incidents, improving and evolving our security operations, and assisting with client assessment response. You'll contribute to a wide variety of important tasks and backfill other Information Security roles across the department when extra capacity is needed, giving you broad exposure across multiple workstreams.This individual will be a lead responsible for analyzing and documenting complex security architectures for advanced Cloud and Artificial Intelligence products and platforms; and apply our risk management framework to recommend risk treatment options back to key stakeholders. This role will offer an individual a wide range of opportunities to acquire and use their Information Security expertise in an enterprise environment. The client is a preeminent law firm that prides itself on providing an extremely collaborative and collegial environment that is perfect for your career growth.We are leading the legal industry in the use of cloud and AI technologies and would love for you to join our team.We offer unmatched flexibility for hybrid work as well as providing a lovely office downtown to meet and work alongside your peers in Information Technology. Responsibilities Technology Security Reviews
  • Work collaboratively with key business stakeholders and internal IT contacts to conduct reviews and risk assessments of new technologies being considered for use. Formally document these architectures, delving deep into how the data is processed throughout its lifecycle, and clearly document security controls to protect that data.
  • Document risk assessments that can be easily understood by stakeholders and include actionable risk treatment recommendations/security requirements for implementation.
  • Act as a resource to the Project Management Office and other business stakeholders throughout their deployment lifecycle so that the recommended controls are implemented and tested properly.
Client Assessment Response
  • As assigned, using a defined process and existing artifacts, take end to end ownership of responding to incoming client security assessments & audits, RFPs, and Outside Counsel Guideline review.
  • Take first pass at completing lengthy client assessment questionnaires (100-200 questions on average) using a standard answer and evidence bank that ensures a consistent response across our client base.
  • Recognize when banked answers need to be updated based on our evolving security program and recommend new language or approaches to questions as appropriate.
  • Take professional pride in the quality of your response, ensuring that answers are accurate and complete; and work with the Senior Governance Risk and Compliance Analyst to validate answers before formally submitting them back to the client.
Incident Response / Security Operations
  • Monitor security events and alerts using security information and event management (SIEM) tools. Investigate and analyze security incidents to identify root causes and recommend remediation actions.
  • Collaborate with cross-functional teams to develop and execute refined incident response playbooks which are streamlined and ensure that any risks are properly managed.
  • Stay up to date on emerging cybersecurity threats, vulnerabilities, and best practices and scan for these emerging threats in our environment, providing prescriptive guidance to the teams affected.
Required Qualifications:
  • Bachelor's degree in information systems, Information Security, Risk Management, or a related field (experience may be considered in lieu of a degree).
  • At least five years' experience in Information Security or similar type role.
  • Extremely good written and verbal communication skills, with the ability to produce high quality documentation either during or shortly after meeting with a cross functional group to discuss a technology considered for use by the firm.
  • Excellent meeting facilitation and leadership skills necessary to own high visibility security reviews which receive attention from our internal legal team, CIO and other key stakeholders.
  • Reasonable understanding of security concepts, such as networking (routing, firewalls, NAT translation, proxies, SASE solutions), authentication, role-based access controls, encryption, data governance, etc.
  • Very good data analysis skills with prior SIEM or equivalent data reporting technologies (databases, complex Excel spreadsheets). The ability to think critically about how data is structured and what story it tells.The ability to use basic data visualizations to help readers quickly understand any relevant meaning within the data.
  • A good understanding of governance frameworks and compliance programs. Able to competently understand all manner of questions that relate to domains covered by ISO 27001, SOC2 and other common frameworks.
  • Extreme thoroughness and the ability to be directed on important initiatives, but to work independently to ensure the optimal outcome, reporting back to senior management on important milestones or issues that arise.
Pay Range: $85.00 - $90.00/hour
Apply Now!

Similar Jobs (0)