IT Security Analyst

ABC Legal Services is the nation's premier process serving and court filing company, operating across all 50 states. We are a technology-forward legal services company on a mission to make legal processes faster, smarter, and more reliable. We are looking to bring on a Security Analyst who will be a high-impact, independent contributor role with broad ownership over our security posture. You will build and drive security initiatives across the organization, with a particular focus on emerging AI-related risks, and operate as the go-to expert across our cloud and endpoint environments.

What You'll Do

• Serve as the organization's primary security resource, owning day-to-day security operations, monitoring, and incident response
• Develop, implement, and maintain security policies, standards, and procedures aligned with legal industry requirements and best practices
• Lead the design and execution of AI security initiatives, including risk assessments, usage policies, and governance frameworks for AI tools adopted across the company
• Manage and optimize CrowdStrike EDR/XDR deployments, including threat hunting, alert triage, and response workflows
• Administer and secure AWS environments, including IAM policies, security groups, CloudTrail, GuardDuty, and related services
• Oversee security configurations and compliance monitoring across the Microsoft 365 suite (Defender, Purview, Intune, Secure Score)
• Conduct regular vulnerability assessments, penetration test reviews, and remediation tracking
• Evaluate, recommend, and implement security tooling and controls as the organization scales
• Develop and deliver security awareness training for employees
• Manage vendor and third-party risk assessments related to security
• Maintain and test the incident response plan; lead tabletop exercises
• Produce clear security metrics and reporting for leadership

Must Have Skills

• 3+ years of hands-on experience in an information security analyst or equivalent role
• Demonstrated expertise with CrowdStrike Falcon — configuration, administration, threat hunting, and incident response
• Strong working knowledge of AWS security services and architecture (IAM, GuardDuty, Security Hub, CloudTrail, Config, VPC)
• Experience securing and administering the Microsoft 365 ecosystem (Teams, SharePoint, Exchange Online, Defender for Endpoint, Purview)
• Solid understanding of security frameworks (NIST CSF, ISO 27001, or equivalent)
• Experience with vulnerability management programs and tools
• Strong written and verbal communication skills — able to translate technical risk into business language
• Comfortable working autonomously and managing multiple priorities in a remote environment

Nice to Have

• Experience with Microsoft Azure and/or Entra ID (formerly Azure AD) — conditional access policies, identity governance, PIM
• Familiarity with Barracuda products (email security, WAF, network security)
• Background in legal tech, law firms, or other regulated industries
• Experience developing AI security programs or policies, including LLM risk assessment and shadow AI governance
• Relevant certifications: CISSP, CISM, Security+, AWS Security Specialty, or similar

AI Security Initiative Ownership

As AI tools become increasingly embedded in legal workflows, this role will take ownership of our AI security strategy. Responsibilities include:

• Assessing the security and privacy risks of AI tools (including generative AI and copilots) used by staff and clients
• Establishing an AI acceptable use policy and governance framework
• Evaluating AI vendor security postures and data handling practices
• Collaborating with product and engineering teams to ensure AI-powered features are built securely
• Staying current on emerging AI threat vectors (prompt injection, model abuse, data exfiltration) and recommending mitigations

Compensation and Benefits

• Salary: $100k - $150k
• Fully remote role with flexible working hours
• Comprehensive medical, dental, vision insurance
• 401(k) with match
• PTO and paid holidays