Information Security Analyst at LegalZoom (Greater LA Area, CA)
| Greater LA Area
Sorry, this job was removed at 11:02 a.m. (PST) on Thursday, December 16, 2021
Description About LegalZoom We're here to make legal help accessible to all. LegalZoom transformed the legal industry with the launch of our online services and groundbreaking technology in 2001. Since then, millions of customers have counted on us to officially start and run businesses, protect brands and intellectual property, and look after loved ones through wills and trusts.As the industry leader for over 20 years, innovation remains at the center of all we do. We're creative thinkers and problem solvers with a passion for building legal and tax products that make a positive impact on the world, and we're always looking for exceptional people to push us further.With us, you'll do work that's as rewarding as it is challenging with a team where every voice matters and diversity, equality, and inclusion are truly embraced. Together, we'll continue to democratize the law and make a real difference in the lives of millions. Overview As a valued member of the LegalZoom Information Security Team, the Analyst will be responsible for early and accurate detection, response, and containment of threats directed against the environment. This role requires advanced skills in intrusion detection and threat hunting to identify credible risks/adversaries to proprietary and sensitive data before a potential breach. Collaboration with Enterprise IT, security engineers, developers, vendors, and business units to constantly improve the overall security posture will be the key to success at LegalZoom. We're looking for a team player with highly technical analytical skills. You will
- Provide thorough, ongoing documentation of all aspects of the LZ Information Security program.
- Monitor and analyze network, server, endpoint, database, and application activity for indicators of compromise and continuously tune rules to reduce false positives.
- Incident response for workforce and client-side applications.
- Hunt for existing and new threats within the network and endpoints.
- Scan, assess, and mitigate vulnerabilities on internal company assets and LegalZoom hybrid cloud-based customer platform.
- Investigate phishing email reports and interface with users in a professional manner.
- Contribute to information security process improvement and documentation.
- Keep current with cybersecurity news and technologies to implement new features in existing security solutions as well as strategically put new solutions on the roadmap.
- Identify, evaluate, and conduct proof-of-concepts for new technologies and collaborate with security engineers on implementation.
- Develop business relationships and integrate activities with other departments to ensure successful implementation and support project efforts.
- Mentor business units in understanding and adhering to cybersecurity guidelines and best practices at work and home. Promote knowledge sharing within the technical communities.
- Foster and maintain good relationships with colleagues to meet expected customer service levels.
- Personal accountability for project timelines and milestones.
- Minimum 2-4 years of experience working in cybersecurity operations and incident response, to include utilizing Security Information and Event Management (SIEM) platforms, Cloud Security, Intrusion Detection/Prevention Systems (IDS/IPS), Web Application Firewalls, Vulnerability Management and Threat Intelligence applications preferred.
- At least one of the following certifications with combined experience: CISSP, CEH, GCIH, GCFA, Security+ or OSCP.
- Programming/scripting experience (Bash, Python, PowerShell).
- Knowledge of working with vendor API's to automate tasks.
- Knowledge of the OWASP Top 10 web application security risks and how to minimize them.
- Excellent organizational and analytical skills.
- Ability to communicate clearly and professionally.
- Skilled in problem diagnosis and resolution.
- Proficiency in multi-tasking and prioritizing projects.
- Bachelor of Science degree in Information Security, Engineering, Computer Science, or related field preferred.
Read Full Job Description