Security Administrator

Taft is currently seeking a Security Administrator to join our Information Technology team.

We are seeking a Security Administrator to join our information technology team. The Security Administrator is responsible for protecting Taft’s digital assets and those of its clients from unauthorized access. This role uses a multi-disciplinary approach, actively identifying and mitigating suspicious activity, evaluating and updating policies, and conducting security assessments as directed by the Security Operations Manager.

Duties & Responsibilities:

• Respond to security alerts, indications of compromise, and helpdesk security incident tickets in real time. Gather information, take action to protect the firm, and communicate findings.
• Assist the Security Operations Manager with internal and external security audits, security assessments, vulnerability testing, and risk analysis.
• Help develop and deploy end-user training programs and work with users to ensure compliance.
• Support IT and other teams in verifying the security of third-party vendors, collaborating to meet security requirements.
• Monitor security access, vendor access, remote access, and anomalies.
• Participate in periodic reviews by internal audit, compliance teams, and other risk-related functions as required.
• Adhere to all IT Department standards and Firm Information Security Policies, including but not limited to change control and maintenance windows.
• Follow ITIL (Information Technology Infrastructure Library) disciplines and processes, including IT Service Management, Incident Management, Change Management, and Problem Management.
• Maintain and apply knowledge of relevant areas by attending seminars, reading periodicals, and participating in outside organizations.
• Work cooperatively with the firm’s MSSP to ensure Taft resources are secure.
• Monitor the network for security-related issues, including abnormal access attempts, suspected malware, possible breaches, and any potential weaknesses.
• Collaborate with the helpdesk to identify and resolve possible security events and incidents, providing timely and relevant in-house escalation support and adhering to ticketing procedures and SLA requirements.
• Assist in researching new software applications intended to enhance the firm’s system security.
• Help draft documentation for security-related policies and procedures.
• Support the training team in preparing relevant security training plans and materials, and assess their adoption rate and effectiveness.

Requirements:

• Proficiency and understanding of current cybersecurity technologies, including perimeter/edge next-generation security, endpoint security, heuristic security, and security-related monitoring.
• Availability after hours and remotely to respond to threat alerts and possible attacks.
• Ability to write reports, knowledge base articles, and short procedures.
• Clear thinking in crisis or stressful situations.
• Occasional out-of-area and overnight travel may be required.
• Proficiency in Windows operating systems as they pertain to security threats.
• Proficiency in firewalls, application monitoring, and securing the network perimeter.
• Demonstrates teamwork (receptive to and acts upon input from others, willing and able to compromise as needed, displays willingness to work with all firm employees, willingly assists others).
• Demonstrates initiative (contributes new ideas, is self-motivated).
• Demonstrates organizational skills and effective use of time (ability to plan, set priorities, and manage time to ensure work is completed efficiently and within department plans and budget parameters).
• Demonstrates flexibility (willing to adjust to changes, able to work with all levels of firm employees).
• Exhibits dependability (maintains presence in all office locations as appropriate).
• Adheres to strict confidentiality standards (keeps all information concerning firm matters and clients confidential).

Education & Experience:

• Bachelor’s degree or equivalent work experience.
• One or more years of cybersecurity-related work experience.
• Security or Microsoft certifications are desired.
• Familiarity with helpdesk ticketing systems such as Service Desk Plus or ServiceNow.
• Law firm experience preferred.

Taft offers competitive compensation and a comprehensive benefits package, including medical, dental, vision, life, long-term disability, flexible spending, 401K, Paid Time Off, paid holidays, bonus, and more. The salary range for this position is $65,000/yr. - $85,000/yr. Actual compensation offer to candidate may vary from posted information based on work experience, education, and/or skill level.

Taft is an Equal Opportunity Employer. The information in this posting presents general duties, tasks, and responsibilities but is not intended to be an exhaustive listing. Taft Stettinius & Hollister LLP participates in E-VERIFY.