IT Operations Security Analyst

Join the Legal Tech Revolution at Litera

Are you ready to shape the future of how law is practiced? At Litera, we’re on a mission to Raise The Bar™️ for the legal profession by delivering transformational and globally-trusted solutions to law firms and corporate legal teams worldwide. We’ve been a leader in legal tech innovation for 30 years and are leading the legal AI revolution to this day with most of the world’s largest law firms as our clients. If you’re passionate about building AI-forward solutions that scale globally and want your work to impact millions of legal professionals worldwide, this is your opportunity to be part of an extraordinary team that’s elevating the craft of law.

As part of our strategic growth and commitment to fostering collaboration and operational excellence, we are transitioning to a hybrid working model. This position is based in Denver and candidates should reside within reasonable commuting distance, as this role requires on-site presence at least three days per week. This hybrid approach enables us to build a collaborative and innovative work environment while maintaining the flexibility that supports both productivity and work-life balance. We are actively seeking talented individuals to join our team in this exciting new phase of growth.

Available Office Location: Denver

Overview: Litera is seeking an IT Operations Security Analyst to strengthen our cybersecurity operations. In this role, you will be at the forefront of monitoring and responding to security threats across our cloud and on-prem environments. You’ll lead efforts in vulnerability management, incident response, and implementation of security controls, while collaborating across teams to ensure a resilient security posture. Your expertise will support governance and compliance initiatives, and you'll play a key role in continuous improvement through research and internal security projects. The ideal candidate will bring hands-on experience in security operations, a proactive mindset, and a passion for safeguarding enterprise systems.

Key Responsibilities:

Security Monitoring and Incident Response:

· Monitor security events across on-premises and multi-cloud environments (AWS, Azure, etc.) using advanced SIEM/XDR tools.

· Leverage AI-driven analytics to correlate alerts and reduce false positives.

· Triage, investigate, and escalate security incidents using automated workflows (SOAR) where applicable.

· Coordinate incident response efforts with IT, DevOps, and cloud engineering teams.

· Assist in root cause analysis and continuously update incident response playbooks.

Vulnerability and Threat Management:

· Assess and remediate vulnerabilities across cloud and on-prem assets.

· Prioritize threats using threat intelligence feeds and AI-based scoring.

· Conduct attack vector analysis and support containment strategies.

· Perform periodic attack simulations and phishing tests.

Security Controls Implementation:

· Implement security controls across hybrid environments, including cloud-specific configurations.

· Enforce identity and access management policies, network segmentation, and encryption standards.

· Align controls with Zero Trust principles and document changes for audit traceability.

Cross-Team Collaboration:

· Collaborate with IT, DevOps, Cloud Infrastructure, and Software Engineering teams.

· Participate in DevSecOps initiatives to embed security into CI/CD workflows and deployments.

Governance, Compliance, and Readiness:

· Ensure ongoing compliance with ISO 27001, SOC 2, and related frameworks.

· Maintain audit readiness through evidence collection and periodic self-assessments.

· Support remediation of compliance gaps and policy updates.

Continuous Improvement and Research

· Stay current on cybersecurity trends, emerging threats, and new technologies.

· Evaluate and pilot innovative security solutions (e.g., AI-based threat detection).

· Recommend enhancements to security policies and procedures.

Security Team Projects:

· Lead and contribute to security initiatives such as cloud posture improvements, automation of incident response, and deployment of next-gen security platforms.

· Collaborate with stakeholders to ensure alignment with business objectives.

Qualifications:

Technical Skills:

· 3+ years in cybersecurity operations with strong threat detection and incident response skills.

· 2+ years of experience in a Security Operations Center (SOC).

· Hands-on experience with SIEM platforms (Sentinel) and Defender EDR/XDR tools.

· Experience securing cloud environments (AWS, Azure).

· Familiarity with SOAR platforms, basic scripting (Python, PowerShell) for automation, and AI-powered security tools including Microsoft Security Copilot.

· Knowledge of security frameworks and standards (ISO 27001, SOC 2, NIST CSF).

· Experience with Entra ID, CASB solutions and cloud-native security tools.

Education & Certifications:

· Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience).

· Preferred certifications: CompTIA Security+, CEH, CISSP, Any cloud security

Soft Skills:

· Strong communication and teamwork skills.

· Ability to explain technical issues to non-technical stakeholders.

· High adaptability and continuous learning mindset.

· Passion for spreading security awareness and best practices.