Cyber Compliance Analyst

WilmerHale is a leading, full-service international law firm with 1,000 lawyers located throughout 12 offices in the United States, Europe and Asia. Our lawyers work at the intersection of government, technology and business, and we remain committed to our guiding principles of providing quality, excellent legal and client services; developing diversity among our lawyers and staff and cultivating an environment that promotes an ambitious spirit, collaboration and collegiality by drawing on the extraordinary talents and dynamic experience of our lawyers. Our goal is to reflect the diversity of our clients and the communities in which we practice.

What You Will Be Doing

The Cyber Security Analyst helps maintain an ISO 27001 enterprise security program and architecture to prevent or minimize data loss. Monitors adherence to information security policies to ensure that appropriate access to, and the confidentiality of client, employee, and firm information is maintained. Administers third party risk management, vulnerability management, and security awareness activities. Helps develop security awareness content and provide education on security policies and practices. Completes scheduled internal audits to detect information loss or policy violations. Participates in the evaluation and recommendation of security products, services and/or procedures to enhance productivity and effectiveness.

About This Role

• Executes vulnerability management tasks including review of monthly vulnerability scans, maintenance and expansion of related tools, identification of new issues, tracking of remediation efforts and production of monthly metrics.
• Performs information security risk assessments and assists with the daily, weekly, monthly and quarterly internal auditing of information security processes.
• Leads the firm’s Third-Party Risk Management program.
• Administers the firm’s Security Awareness program.
• Monitors the security infrastructure for policy violations or security events and participates in problem management and forensic activities as needed.
• Assists the Cyber Security Program Lead in responding to client requests including preparation of written audit responses and preparation of evidence. May involve direct interfacing with client risk management personnel.
• Tests and assists with selection and implementation of controls that apply security protections to enterprise systems, processes and information resources.
• Supports IT security within the system development lifecycle, change management, production systems support and technology-enabled projects (user administration, security logging, secure process flow, security best practices).
• Assists with proactively supporting client service by actively participating in the Firm's ServiceMatters initiative. Ensures that staff members are providing quality service to internal members/departments of the Firm as well as external clients and vendors by displaying professionalism via electronic and print correspondence, over the telephone and in-person and by encouraging an atmosphere that rewards a "can do" attitude.
• Assumes additional responsibilities as assigned.

Your Qualifications/What You Will Bring

• General knowledge of Windows operating system and web browser behavior, networking, database, systems, and mobile devices.
• Experience preparing spreadsheets and documents using Microsoft Excel and Word.
• Knowledge of security issues, techniques, and implications across firm computer platforms required.
• Proven interpersonal and communication skills.
• Strong work ethic; excellent use of discretion and judgment. Excellent written communication skills.
• Strategic thinking and planning abilities required.
• Analytical thinking
• Effectively meet challenges, influence and drive consensus within the team.
• Demonstrated problem solving abilities, analytical skills, and proven ability to meet challenging deadlines required.
• Able to breakdown raw information and undefined problems into specific, workable components that in-turn clearly identify the issues at hand.
• Makes logical conclusions, anticipates obstacles and considers different approaches that are relevant to the decision making process.

Education

• Bachelor's Degree in Computer Science, Management or related work experience.

• Security compliance certification preferred (GSNA, etc.) preferred.

Experience:

• 3-5 years’ work experience supporting information services in a medium to large environment; or other equivalent combination of education and experience that provides the required knowledge and skills. Compliance focus preferred.

Upon joining the firm new hires will go through our onboarding program and be paired with a staff mentor to help them acclimate to the firm. Additionally, there will be opportunities for new employees to take advantage of training and development, public service, and diversity and inclusion programs.

WilmerHale is an Equal Opportunity Employer. All qualified applicants will receive consideration without regard to race, color, religion, gender, sexual orientation, gender identity, national origin or ancestry, age, disability or veteran status, or other protected status.

#LI-MK1

#LI-Hybrid