Senior Cyber Security Analyst at CliffordChance

The role This role is for a cyber security analyst in Clifford Chance's cyber security team. Clifford Chance has a global estate and 6000+ staff; it is imperative that we maintain the security of the estate and enable the legal advisors and others to carry out their work. The cyber security analyst will be responsible for managing and investigating cyber incidents, ensuring that incidents are handled from beginning to end and are properly contained and remediated. You will work closely with suppliers and internal IT teams to scope and run penetration tests, scan for and fix vulnerabilities across the network, and implement security improvements across the estate. You will also mentor and support junior members of the team. This role will suit a highly motivated individual, with keen attention to detail, who can demonstrate an exceptional analytical skill set and knowledge of current and evolving Cyber threats and developing strategies for their detection and mitigation.   Who you will work with You will work within the cyber security team at Clifford Chance, alongside the information security team, reporting into the Head of Cyber Security. You will work with a number of IT and business risk colleagues across the business on incidents and wider improvement projects. You may also work with our legal professionals and occasionally clients if there is a cyber security issue affecting them. You will be working with colleagues in the security team primarily in the UK and India, however you will work with IT and business teams across the world.   What you will be responsible for Key responsibilities of the Senior Cyber Security Analyst. • Manage and respond to cyber security incidents from initial triage through to close down. • Work with Major Incident Management teams and Head of Cyber Security to manage and investigate serious incidents as required. • Document incidents clearly and report upwards as required. • Investigate incidents using a range of tooling – such as endpoint analysis via Microsoft Defender, use of SIEM products, log analysis and malware analysis.  • Operate the firm's Vulnerability Scanning solution, manage the resolution of vulnerabilities across various teams, and provide reports and metrics as required. • Research and incorporate relevant threat intelligence during the incident investigation and in written and verbal reports. • Maintain current tooling and best practise knowledge in relation to attacker tactics and techniques, response processes, containment and remediation of incidents. • Track cyber threat actors/campaigns based off technical analysis and open source intelligence. • Scope and provide oversight and management of penetration testing / red teaming activities. • Drive improvements in the cyber security team's functions and capabilities – improving incident handling, tooling, general skills and knowledge etc. • Perform threat hunting activities across the network, including designing and running threat hunts. • Mentor and support more junior analysts. • Liaise with Architecture, IT Operations, Network Security and IT Risk to implement security enhancements and during incidents.  What you will do • Manage and respond to incidents. • Work with teams across the business to successfully resolve incidents – including business teams, IT teams, and suppliers.  • Report metrics relating to incidents, vulnerability scans and other relevant areas as required. • Input into strategy and direction for the team as a whole. • Run vulnerability scans as required (shared across the team) • Support / manage scoping of supplier work such as penetration tests, build or network security reviews and oversee delivery of this work. • Manage projects / ongoing tasks – these will be varied but will be aligned to your role such as managing a project to roll out a new security tool or a set of improvements to our detection capabilities. • Mentor and guide junior staff as required. • Drive improvements across the security function – for example improving our playbooks, defining new threat hunting processes, training up other staff in areas you are highly skilled in, recommend improvements to the Head of Cyber Security.  Note that you will be required to be on-call for major incidents out of hours on a rota basis, this is shared across the team.