Current Opportunities


Information Security/GRC Specialist

11/7/18 | New York, NY

Wilson Elser's NYC Downtown office located at 125 Broad Street currently seeks an Information Security/GRC Specialist.

Wilson Elser is in need of an Information Security/GRC Specialist that can perform three core functions for the company. The first will prominently include the execution of any customer and vulnerability audits, request for proposals, and assessments. The second is coordinating and moving the company's security program forward through policy, architecture, and internal training processes. Additional responsibilities will include participating in the selection of appropriate security solutions and overseeing the day-to-day operations of the in-place security solutions, such as the creation and/or maintenance of policies, standards, baselines, guidelines and procedures necessary to mature the company's overall security posture.

The Firm
Wilson Elser is a full-service and leading defense litigation law firm who faithfully serves our clients with nearly 800 attorneys, across 34 offices in the United States and one in London. Founded in 1978, we rank among the top 200 law firms identified by The American Lawyer and are included in the top 50 of The National Law Journal's survey of the nation's largest law firms.

The Position
The Information Security/GRC Specialist is expected to interface with peers across all IT departments, IT management, and representatives of the business to share the corporate security vision and to solicit their involvement in achieving higher levels of cyber security through information sharing and co-operation. 


  • Bachelor's degree from an accredited university in CS, IT, CIS, or a computer related field
  • CISSP, GIAC, CEH, Security+ or related security certifications highly preferred
  • Experience with Financial Firms, Banks, and Insurance Companies a plus
  • Min. of four (4) years' experience as an information security professional with advanced experience developing, documenting, and driving adoption of information security standards and procedures
  • Min. of two (2) years of advanced knowledge of security standards and frameworks 
  • Min. of two (2) years of experience implementing and executing security incident response
  • Qualified applicants should have current experience across a broad spectrum of data security disciplines. Including Microsoft networking solutions and infrastructure and intrusion detection and prevention
  • Strong background with firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTP proxies, etc. 
  • Knowledge of security best practices across multiple platforms, such as Microsoft Windows, VMWare, and Cisco IOS
  • Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques
  • Exceptional customer service, verbal and written communication skills are required
  • Must have strong leadership skills, providing project leadership as needed
  • Candidate should be able to effectively interact with all levels of staff and executive C-level management
  • The ability to work in a team or work independently on complex tasks with minimal technical and management guidance is required


  • Provide information security and cyber security analysis and best practice recommendations for hardware, operating systems, networks, software, databases, staffing, data center, and physical office space security
  • Conducts incident prevention, detection, containment, eradication and recovery across IT systems, including developing processes, monitoring events, responding to incidents, summarizing and reporting findings
  • Provides primary point of contact for responses to Client Proposals, Requests for Information and periodic Client IT Audits
  • Creates Firm-wide policies and procedures documentation as needed (e.g., Information Security, Incident Response, Computer Usage, Security Awareness, Personally identifiable Information, etc.)
  • Provides primary point of contact for external 3rd party information security vendors
  • Analyze and resolve findings from vulnerability scans and penetration tests
  • Conduct user activity audits and perform internal forensic eDiscovery when required
  • Respond to and prepares status reports on security incidents to analyze security risk and response procedures
  • Check server and firewall logs, scrutinizing network traffic, establishing and updating virus scans, and troubleshooting
  • Perform Information Security access and provisioning requests within established Service Level Agreements
  • Administer user systems and data entitlements, across multiple platforms and applications
  • Ensure system access requests are processed with high quality and accuracy
  • Stay abreast of current technologies, developments, security compliance requirements, standards and industry trends
  • Lead and/or participate in special projects as assigned

Why Should You Apply?

  • Excellent Benefits 
  • Generous PTO plan 
  • Excellent growth and advancement opportunities 
  • Corporate Discount Plans

Wilson Elser is a firm who focuses our commitment to both our clients and you! Please consider joining our team by applying online.

We are committed to cultivating an environment that embraces and promotes diversity as a fundamental value. We are an Equal Opportunity Employer; Minorities and Women are encouraged to apply.






View more job openings