Senior Information Security Analyst/Penetration Tester

Summary: The Senior Information Security Analyst will be responsible for monitoring the Firm security systems and performing penetration tests of the WLRK infrastructure. Key responsibilities entail daily monitoring activities, including SIEM and other security tools and identification and mitigation of suspicious events, conducting controlled penetration tests, identifying vulnerabilities, and delivering reports with recommendations for mitigation. The successful candidate will also support all other Security Operations activities and assist in the deployment and operation of information security systems, as well as work on a diverse set of security related projects and responsibilities. Essential Duties and Responsibilities: Perform real-time security log and event analysis and take action to contain and mitigate information security threats. The events will originate from SIEM, DLP, IDS, IPS, antivirus, firewalls, system security logs and user reports. Conduct manual and automated penetration testing of web applications, APIs, networks, cloud environments, and mobile apps. Simulate real-world cyber-intrusion techniques to identify security vulnerabilities and validate practical exposures/risks. Develop automation workflows, routines and scripts to support advanced testing efforts and remediation validation Contribute to red team engagements, threat modeling, and purple team exercises. Assist in maintaining existing security systems, such as IPS/IDS, Anti-Virus, EPO, SIEM, NAC and other cyberattack detection and analytics tools; assist with security technologies deployment, configuration, troubleshooting, maintenance, patching/upgrading and decommission. Make enhancements to existing monitoring and security operations and contribute to a Continuous Monitoring program framework. Work across teams to accomplish security program goals. Knowledge, Skills, and Abilities Required: Strong knowledge of network services, vulnerabilities, exploits and attacks vectors and TTPs (Tactics, Techniques, and Procedures). Proven experience in penetration testing, ethical hacking, or purple teaming. Strong knowledge of OWASP Top 10, MITRE ATT&CK, CVSS, and common exploit techniques. Proficiency with tools like Burp Suite, Metasploit, Nmap, Nessus, Kali, Bloodhound, or similar. Familiarity with scripting (e.g., Python, PowerShell) for automation and vulnerability validation. Understanding of IT infrastructure, networking, system internals (Windows/Linux), and web/application security. SPLUNK Administrator or Power User considered a plus. Strong knowledge of server and desktop operating systems, routers, switches, firewalls and other network equipment. Experience with cloud environments (SaaS, iDP, AWS, Azure, GCP) and cloud security testing. Knowledge of mobile app security vulnerabilities (iOS, Android) and threat modeling a plus. Participation in Capture The Flag (CTF) events or offensive security challenges Critical thinking, investigative mindset and ability to conduct root cause analysis. Detail-oriented and able to meet tight deadlines. Excellent written, verbal and interpersonal skills. Highly motivated self-starter with an inquisitive personality. Desire and ability to learn new skills and concepts. Education and Experience: Bachelor’s degree in related field or discipline. Minimum of 7 years of experience in information security. Certifications such as GPEN, OSCP, OSEP or similar are highly desirable. CISSP, CISA, CEH, GIAC and other industry certifications considered a plus. Working Conditions: Normal office environment with little exposure to excessive noise, dust, temperature and the like. Wachtell, Lipton, Rosen & Katz provides competitive compensation and benefits to its employees ensuring that we attract and retain the most talented individuals. The expected base salary for this role ranges from $210,000 – $220,000. The base salary offer is based on a variety of factors which includes, but is not limited to qualifications, education and experience. The above is intended to describe the general content of and requirements for the performance of this job. It is not to be construed as an exhaustive statement of essential functions, responsibilities or requirements. Welcome to our employment section. Here you can view our current job openings and apply for positions online. Wachtell, Lipton, Rosen & Katz does not accept unsolicited resumes from recruiting or employment agencies for permanent or non-permanent positions. Wachtell, Lipton, Rosen & Katz is not responsible for any fees related to unsolicited resumes submitted from recruiting or employment agencies. Only resumes sent directly to the Human Resources Department will be considered for review. Only those candidates selected for an interview will be contacted by a member of our Human Resources department.

Salary : $210,000 - $220,000