Cyber Security Analyst

About the role

This role is for a cyber security analyst in Clifford Chance's cyber security team. Clifford Chance has a global estate and 7000+ staff; it is imperative that we maintain the security of the estate and enable the legal advisors and others to carry out their work. The cyber security analyst will be responsible for managing and investigating cyber incidents, ensuring that incidents are handled from beginning to end and are properly contained and remediated. You will work closely with MSSP and internal IT teams This role will suit a highly motivated individual, with keen attention to detail, who can demonstrate an exceptional analytical skill set and knowledge of current and evolving Cyber threats and developing strategies for their detection and mitigation. Who you will work with You will work within the cyber security team at Clifford Chance, alongside the information security team, reporting into the Head of Cyber Security. You will work with several IT and business risk colleagues across the business on incidents and wider improvement projects. You will be working with colleagues in the security team primarily in the UK and India, however you will work with IT and business teams across the world. What you will be responsible for Key responsibilities of the Cyber Security Analyst: Manage and respond to cyber security incidents from initial triage through to close. Work with Major Incident Management teams and Head of Cyber Security to manage and investigate serious incidents as required. Document incidents clearly and report upwards as required. Investigate incidents using a range of tooling - such as endpoint analysis via Microsoft Defender, use of SIEM products, log analysis and malware analysis. Operate several tools but not limited to Vulnerability, SOAR, Threat Hunting, External Exposure, BAS. Research and incorporate relevant threat intelligence during the incident investigation and in written and verbal reports. Maintain current tooling and best practise knowledge in relation to attacker tactics and techniques, response processes, containment and remediation of incidents. Track cyber threat actors/campaigns based off technical analysis and open source intelligence. Perform threat hunting activities across the network, including designing and running threat hunts. Triage and investigate emails reported by CC employees in accordance with established processes Ability to troubleshoot the log feed interruption for the logs sources ingesting logs in SIEM tool and restore the feeds Liaise with Architecture, IT Operations, Network Security and IT Risk to implement security enhancements and during incidents.

Responsibilities

• Handle incidents and alerts on a daily basis by utilising Microsoft cloud solutions, log analysis, malware sandboxing, and speaking to other IT teams and users as required.
• Work across the UK and India Cyber Security team - reporting upwards, sharing knowledge across the wider team, and maintaining regular contact.
• Support penetration tests and improvement projects - ensuring all are delivered smoothly.
• Liaise with Architecture, IT Operations, Network Security and IT Risk for new projects, incidents, vulnerabilities and other issues.
• Support and be part of the on-call rota.
• Your experience
• The cyber security analyst will have at least 3-5 years experience in cyber security and incident handling. Key areas of essential experience include:
• 3+ years of hands on cyber incident response experience with proven capability and experience of investigating, managing and remediating cyber security incidents.
• Knowledge of data breaches, ransomware, fraud and other types of serious incident.
• Knowledge of current and emerging advanced cyber threats, attack and evasion techniques, command and control infrastructures and insider threat behaviour.
• Experience in escalating and articulating security concepts to senior, technical and non-technical audiences.
• Strong organisational, communication and project management skills.
• Strong Azure / M365 cloud knowledge and experience as well as on-premises IT experience.
• Usage of investigation tools such as malware sandboxes, SIEMs, log analysis tooling, network traffic analysis, endpoint analysis (event logs, files, processes).
• Experience with vulnerability scanning and management tooling and interpretation of results.
• Experience working in a team-oriented, collaborative environment.
• Experience with standard on-premises security products such as firewalls, proxies, endpoint solutions.
• Threat modelling and use case development and the MITRE ATT&CK framework to guide detection rulesets, threat hunting and investigations.
• AI Knowledge and hands on experience
• How we will support you
• From your first day with us, you will have varied opportunities to continuously grow and development your skills and knowledge. From formal training, informal coaching and mentoring through to skills-based and technical training and on the job learning.
• Equal opportunities
• At Cli

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Cliffordchance? Share your experience