Information Security Analyst

About the company Lexitas is a high growth company. The Company is built on a belief that having strong personal relationships with our clients, and providing reliable, accurate and professional services, is the driving force of our success. Lexitas offers an array of services including local and national court reporting, medical record retrieval, process service, registered agent services and legal talent outsourcing. Our reach is truly national as well as international. Lexitas is a MNC Company that has set up a subsidiary in Chennai, India – Lexitas India Pvt. Ltd. This Indian company will be the Lexitas Global Capability Center, helping build a world class IT development team, and over time serve as a Shared Services hub for several of the corporate functions. For More Information - https://www.lexitaslegal.com This is a Full-Time Job located in Chennai, India. Summary: This position supports information security, privacy, risk and compliance programs and activities under the direction of the VP of Information Security or designated Information Security Manager. The position assists in developing and maintaining a comprehensive security program for Lexitas. Providing functional and technical support is important to maintain security posture and protection of electronically and physically stored information assets across our systems. Tasks include supporting design, implementation, configuration, documentation, and maintenance to mitigate risk to the business and its computing resources and assets, as well as collaborating with applicable providers, managing and monitoring tools, and facilitating applicable processes and procedures.Key Roles and Responsibilities: Supports IT security, privacy, risk and compliance systems, processes, supporting activities, with the ability to lead activities and programs. Monitors computer networks and associated tools and provider services for security, privacy, risk and compliance issuesSupports the project management, tracking, and documentation of Information, Privacy, Risk, and Compliance programs, processes, and activitiesInvestigate security breaches and cybersecurity incidents.Documents security breaches and assesses impact.Performs and/or supports security tests, risk assessments, and audits to uncover network, application, and process vulnerabilities and provides guidance and training to ensure violations do not persist.Tracks and facilitates the mitigation of vulnerabilities to maintain a high security standard.Supports best practices for IT security, privacy and compliance.Performs and supports 3rd party vulnerability management and penetration testing.Research security enhancements and makes recommendations to management.Stays current on information technology trends and security standards.Prepares reports that detail security, privacy, and compliance risk assessment findings. Supports Security Operations Center functions including monitoring and supporting Incident Response activities.Supports all related IT Security, Privacy, Risk and Compliance policies and provides guidance to the business. Other Information Security, Privacy, Risk, and Compliance duties as required. Skills and Abilities:Experience with computer network and application vulnerability management and penetration testing, and techniques.Solid understanding of firewalls, proxies, SIEM, antivirus, and IDPS conceptsAbility to identify and mitigate network and application vulnerabilities. Good understanding of patch managementProficient with various OSExcellent written and verbal communication skillsKnowledge of firewalls, antivirus, and intrusion detection system conceptsAbility to support and document areas of Information Security, Privacy, Risk, and compliance processes and programs. Ability to support incident response process.Experience directing 3rd Party providers in the areas of Information Security, Privacy, Risk and ComplianceSupport information security controls including physical and data security protecting the confidentiality, integrity and availability of information systems data.Preferred KSA’s:Strong working knowledge and experience with primary Information Security, Privacy, Risk, and compliance standards and frameworks such as NIST, SOC 2, HIPAA, PCI DSS, GDPR, etc. Experience administering information security software and controls.Experience supporting process for managing network and application security.Network and system administration experience a plus.Good understanding of Standard Information Security Baseline Frameworks, Business Continuity, and Disaster Recovery protocols and best practices.Exposure to ITIL (Incident/Change Management) – ITIL v3F preferred.Learns and monitors the business processes for the areas of primary support responsibility. Support annual Security Baseline Audits and execution of recommendations.As part of the technology team, performs “Help Desk” day-to-day tasks in support of Information Security, Privacy, Risk, and Compliance.Education and Experience:Bachelor’s degree in computer science or related field strongly preferred.IAT Level-2 technical certification strongly preferred (Comp TIA Security+ or CISSP) or ability to obtain within first 90 days of hire.5+ years’ experience performing role of Information Security Analyst or SOCDemonstrated experience in responding to, managing, and resolving security incidents.Experience with LAN/WAN networking concepts, IP addressing and routing concepts, Windows/Linux/Unix operating systems, Information Security concepts, and best practices.Experience with Windows/Linux/Unix operating systems, Information Security concepts, and best practices.Experience working with Security Information and Even Management (SIEM) system is a plus.