Location: Downtown Nashville, Hybrid
Employment Type: Contract to Hire (6months)
Compensation: 57/hr - 115k upon conversion
Must Have Experience for this role.

5+ years in experience in a mix of the below:

• IAM experience
• SIM (Security Information Management) background with an understanding of:
• SMTP (Simple Mail Transfer Protocol):
• EDR (Endpoint Detection and Response)
• Threat hunting/remediatation
• Vulnerability management
• Phishing emails

Overview: The Senior Cyber Security Risk Analyst will be is responsible for leading one of three Centers of Excellence’s (Threat Detection, Investigation, Response; Application Security, Network & IAM) activities at a law firm in Nashville, TN. Reporting to the Cyber Security Operations Manager, the senior analyst will serve as the technical information security expert and as a contributor to cross-functional teams for support of security-specific infrastructure enhancements. The primary objective of this role is to manage cybersecurity operations and monitoring.
The successful candidate will have deep cybersecurity and technology knowledge and will be collaborative in nature due to the cross-functional nature of the work. They will be asked to act as a subject matter expert (SME) who can contribute to internal and external dialogues on cyber security, as well as creating reporting, documenting processes and procedures necessary to run the area. The ideal candidate experience with cloud security IAM, endpoint security, cyber incident response, security logging and monitoring.

Responsibilities:

• Developing, implementing and managing functions within their Center of Excellence including configuration management, tuning, and the ability to take risks/threat intelligence and partner with relevant areas to remediate
• Monitoring and analyzing security events, alerts, and logs in real-time, and responding to security incidents as per the incident response plan
• Coordinating incident investigations, including the collection and preservation of evidence, and providing incident reports to relevant stakeholders
• Developing and maintaining incident response plans and procedures
• Continuously evaluating and improving the organization’s security posture
• Collaborating with other IT and business teams to ensure timely response to incidents and vulnerabilities
• Keeping up-to-date with the latest cybersecurity trends and developments
• Providing regular reports on security risks, incidents, and response efforts to senior management
• Establishing appropriate safeguards, protocols, and response to any data breaches
• Providing training and guidance to staff on incident management, threat intelligence, and incident response best practices
• Create reporting KPI’s for their CoE

Vaco by Highspring values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.

Responsibilities:

• Developing, implementing and managing functions within their Center of Excellence including configuration management, tuning, and the ability to take risks/threat intelligence and partner with relevant areas to remediate
• Monitoring and analyzing security events, alerts, and logs in real-time, and responding to security incidents as per the incident response plan
• Coordinating incident investigations, including the collection and preservation of evidence, and providing incident reports to relevant stakeholders
• Developing and maintaining incident response plans and procedures
• Continuously evaluating and improving the organization’s security posture
• Collaborating with other IT and business teams to ensure timely response to incidents and vulnerabilities
• Keeping up-to-date with the latest cybersecurity trends and developments
• Providing regular reports on security risks, incidents, and response efforts to senior management
• Establishing appropriate safeguards, protocols, and response to any data breaches
• Providing training and guidance to staff on incident management, threat intelligence, and incident response best practices
• Create reporting KPI’s for their Co

Determining compensation for this role (and others) at Vaco by Highspring depends upon a wide array of factors including but not limited to:

• the individual’s skill sets, experience and training;
• licensure and certification requirements;
• office location and other geographic considerations;
• other business and organizational needs