A large law firm is actively seeking a Risk & Compliance Incident Response Engineer to join the IT department. This role will be leading the incident response process and part of an operational after-hours supporting team. This position will support projects and tasks under the general direction of the Director of Information Security Governance, Risk & Compliance. This position will also work closely with the Operations, Applications, Security and ServiceDesk teams, as well as many other internal or external engineers as needed or required. This is an outage incident response role not a security incident response role. Responsibilities include the below:
· Monitor, investigate, report, and respond to incidents (security or operational outages)
· Categorize, prioritize, and normalize an event to determine if it meets the threshold of a potential incident and declare an incident
· Coordinate response, triage and escalation of incidents affecting the information assets, IT operations and IT processes
· Assist in after-action activities resulting from any findings associated with an incident
· Assist and maintain standard operating procedures (SOPs) and runbooks to meet the needs of IR requirements
· Assist in ServiceNow IT service delivery
· Assist in building methodologies to enhance incident investigation processes
· Identifying hidden risks within technical controls, IT operations and processes
· Develop a comprehensive and accurate reports for all incidents
· Review DLP violation reports received from NetDocuments, or O365, and prepare violations reports
· Assist with NIST CSF audit and provide recommendation for the remediation activities
· Assist in maintaining compliance with all IT policies and procedures
Interact with threat management systems/tools to find critical/high risk systems and create threat analysis reports and initiate follow-up action, and help reducing the risk
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
Human Resources Request Form. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
· Bachelors or higher degree in Computer Science, Cybersecurity, Information Technology, or related field of study desired
· ServiceNow experience and certifications desired
· 3+ years of relevant experience in risk and compliance and cybersecurity
· One or more security certifications such as GCIH, CISSP, Security +, or other relevant security certification(s) required
· Knowledge of the NIST Cybersecurity Framework (CSF), NIST 800-53 and 800 61
· Knowledge of cloud environment such as MS O365 or AWS is preferred
· Possess strong analytical, problem-solving, multitasking and time management skills
· Excellent technical writing and verbal communication skills
· Must be able to work under pressure and meet deadlines, while maintaining a positive attitude and providing exemplary customer service
Ability to work independently and to carry out assignments to completion within parameters of instructions given, prescribed routines, and standard accepted practices
Law firm or professional service background
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.