Security Analyst

Job Description

Crowell & Moring LLP is an international law firm with offices in the United States, Europe, MENA, and Asia that represents clients in litigation and arbitration, regulatory and policy, intellectual property, and transactional and corporate matters. The firm is internationally recognized for its representation of Fortune 500 companies in high-stakes litigation and government-facing matters, as well as its ongoing commitment to pro bono service and diversity, equity, and inclusion.

Job Summary

The Security Analyst (Identity and Access Management) specializes in IAM technologies and applications including Single Sign-On (SSO), federation, permissions, authorizations, and identity management. The SA maintains the Firm’s IAM platform and related systems and works with InfoSec management and others in the Firm to ensure the right people have appropriate access to data and applications at the right time. The SA is responsible for keeping up-to-date with current identity technologies, threats, vulnerabilities, and automation and participates in projects implementing, upgrading, and modifying identity systems.

Job Responsibilities

• Under general supervision of the Infosec Manager the SA manages the IAM system including Enterprise Applications, federations, certificates, Identity Provider (IdP).
• Maintains and validates the Firm’s Multifactor Authentication (MFA) systems.
• Integrates external applications with the Firm’s identity system using OAUTH, SAML, OpenID or other appropriate technology
• Coordinates with Human Resources, Finance, and others to automate as much as possible the Join/Move/Leave process for employee, Partner, and third-party identities.
• Maintains and manages the Firm’s sources of Identity, including Active Directory, Microsoft Entra ID, and Active Directory Federation Systems (AD FS)
• Manages federation and replication technologies such as Entra ID Connect.
• Maintains the Firm’s Public Key Infrastructure (PKI) systems including certificate templates, issuance policies, security, and revocation.
• Completes special projects and other duties as assigned by the InfoSec Manager.

Qualifications

Requirements:

Knowledge, Skills and Abilities

• Knowledge of Identity technologies and systems including Security Assertion Markup Language (SAML) Single Sign On (SSO), and related technologies such as OAUTH, OpenID.
• Understanding of directory and authentication technologies such as Active Directory (AD), lightweight directory access protocol (LDAP), Kerberos, RADIUS, and Public Key Infrastructure (PKI)
• Understanding of Microsoft identity products such as Entra ID, Conditional Access, Defender for Identity, and Enterprise Applications
• Understanding of multifactor technologies and platforms, including NIST 800-63 R3 approved methods.
• Ability to work overtime as needed.

Education

The position requires a Bachelor’s Degree, preferably in Computer Science/MIS or equivalent certification from an accredited technical training school.  Four years of progressive experience may substitute for education.

Certification

Microsoft SC-300 or related Identity and Access, Azure, or Entra certifications. CISSP or GIAC certifications are a plus

Experience

The position requires a minimum of four (4) years of increasingly responsible, directly related experience during which knowledge, skills and abilities applicable to the position were demonstrated.

Additional Information

Crowell & Moring LLP offers a competitive compensation and comprehensive benefits package which includes progressive options such as back up child care, wellness programs, cultural events and social activities. We take great pride in our positive, friendly culture that rewards hard work and success, at the same time recognizing the importance of family and community service.

Our Firm is committed to fair and equitable compensation practice in accordance with applicable laws. The salary for this position is $100,000 - $125,000. Additional compensation may include a discretionary bonus. Other benefits include healthcare, vision, dental, retirement, and all-purpose leave. The salary for this position may vary based on location, market data, an applicant’s skills and prior experience, certain degrees and certifications, and other factors.

EOE m/f/d/v
Crowell & Moring LLP participates in the E-Verify program.