Wilson Sonsini Goodrich & Rosati
Risk & Compliance Incident Response Engineer
Wilson Sonsini Goodrich & Rosati, Washington, District of Columbia, us, 20022
Risk & Compliance Incident Response Engineer
The firm is actively seeking a Risk & Compliance Incident Response Engineer to join the IT department. This role will lead the incident response process and be part of an operational after-hours supporting team. This position will support projects and tasks under the general direction of the Director of Information Security Governance, Risk & Compliance. This position will also work closely with the Operations, Applications, Security and ServiceDesk teams, as well as many other internal or external engineers as needed or required. This is an outage incident response role not a security incident response role. This position is available as a fully virtual work schedule.
Responsibilities
Monitor, investigate, report, and respond to incidents (security or operational outages) Categorize, prioritize, and normalize an event to determine if it meets the threshold of a potential incident and declare an incident Coordinate response, triage and escalation of incidents affecting the information assets, IT operations and IT processes Assist in after-action activities resulting from any findings associated with an incident Assist and maintain standard operating procedures (SOPs) and runbooks to meet the needs of IR requirements Assist in building methodologies to enhance incident investigation processes Identifying hidden risks within technical controls, IT operations and processes Develop a comprehensive and accurate reports for all incidents Review DLP violation reports received from NetDocuments, or O365, and prepare violations reports Assist with NIST – CSF audit and provide recommendation for the remediation activities Assist in maintaining compliance with all IT policies and procedures Interact with threat management systems/tools to find critical/high risk systems and create threat analysis reports and initiate follow-up action, and help reducing the risk
Qualifications
Bachelors or higher degree in Computer Science, Cybersecurity, Information Technology, or related field of study desired ServiceNow experience and certifications desired 3+ year’s relevant experience in risk and compliance and cybersecurity One or more security certifications such as GCIH, CISSP, Security +, or other relevant security certification(s) required Knowledge of the NIST Cybersecurity Framework (CSF), NIST 800-53 and 800 – 61 Knowledge of cloud environment such as MS O365 or AWS is preferred Possess strong analytical, problem-solving, multitasking and time management skills Excellent technical writing and verbal communication skills Must be able to work under pressure and meet deadlines, while maintaining a positive attitude and providing exemplary customer service Ability to work independently and to carry out assignments to completion within parameters of instructions given, prescribed routines, and standard accepted practices
The primary location for this job posting is in Washington, D.C.. The actual base pay offered will depend upon a variety of factors, including but not limited to the selected candidate’s qualifications, years of relevant experience, level of education, professional certifications and licenses, and work location. The anticipated pay range for this position is as follows: $105,400 – $142,600 per year. The compensation for this position may include a discretionary year-end merit bonus based on performance. We offer a highly competitive salary and benefits package. Benefits information can be found here. Equal Opportunity Employer (EOE).
Job Details
Seniority level: Not Applicable Employment type: Full-time Job function: Legal and Information Technology Industries: IT Services and IT Consulting; Law Practice; Computer and Network Security
Note: This refined description excludes boilerplate, extraneous postings, and non-essential sections while preserving the core responsibilities and qualifications of the role.
#J-18808-Ljbffr
The firm is actively seeking a Risk & Compliance Incident Response Engineer to join the IT department. This role will lead the incident response process and be part of an operational after-hours supporting team. This position will support projects and tasks under the general direction of the Director of Information Security Governance, Risk & Compliance. This position will also work closely with the Operations, Applications, Security and ServiceDesk teams, as well as many other internal or external engineers as needed or required. This is an outage incident response role not a security incident response role. This position is available as a fully virtual work schedule.
Responsibilities
Monitor, investigate, report, and respond to incidents (security or operational outages) Categorize, prioritize, and normalize an event to determine if it meets the threshold of a potential incident and declare an incident Coordinate response, triage and escalation of incidents affecting the information assets, IT operations and IT processes Assist in after-action activities resulting from any findings associated with an incident Assist and maintain standard operating procedures (SOPs) and runbooks to meet the needs of IR requirements Assist in building methodologies to enhance incident investigation processes Identifying hidden risks within technical controls, IT operations and processes Develop a comprehensive and accurate reports for all incidents Review DLP violation reports received from NetDocuments, or O365, and prepare violations reports Assist with NIST – CSF audit and provide recommendation for the remediation activities Assist in maintaining compliance with all IT policies and procedures Interact with threat management systems/tools to find critical/high risk systems and create threat analysis reports and initiate follow-up action, and help reducing the risk
Qualifications
Bachelors or higher degree in Computer Science, Cybersecurity, Information Technology, or related field of study desired ServiceNow experience and certifications desired 3+ year’s relevant experience in risk and compliance and cybersecurity One or more security certifications such as GCIH, CISSP, Security +, or other relevant security certification(s) required Knowledge of the NIST Cybersecurity Framework (CSF), NIST 800-53 and 800 – 61 Knowledge of cloud environment such as MS O365 or AWS is preferred Possess strong analytical, problem-solving, multitasking and time management skills Excellent technical writing and verbal communication skills Must be able to work under pressure and meet deadlines, while maintaining a positive attitude and providing exemplary customer service Ability to work independently and to carry out assignments to completion within parameters of instructions given, prescribed routines, and standard accepted practices
The primary location for this job posting is in Washington, D.C.. The actual base pay offered will depend upon a variety of factors, including but not limited to the selected candidate’s qualifications, years of relevant experience, level of education, professional certifications and licenses, and work location. The anticipated pay range for this position is as follows: $105,400 – $142,600 per year. The compensation for this position may include a discretionary year-end merit bonus based on performance. We offer a highly competitive salary and benefits package. Benefits information can be found here. Equal Opportunity Employer (EOE).
Job Details
Seniority level: Not Applicable Employment type: Full-time Job function: Legal and Information Technology Industries: IT Services and IT Consulting; Law Practice; Computer and Network Security
Note: This refined description excludes boilerplate, extraneous postings, and non-essential sections while preserving the core responsibilities and qualifications of the role.
#J-18808-Ljbffr