Cyber Security Analyst

WilmerHale is a leading, full-service international law firm with 1,000 lawyers located throughout 12 offices in the United States, Europe and Asia. Our lawyers work at the intersection of government, technology and business, and we remain committed to our guiding principles of providing quality, excellent legal and client services; developing diversity among our lawyers and staff and cultivating an environment that promotes an ambitious spirit, collaboration and collegiality by drawing on the extraordinary talents and dynamic experience of our lawyers. Our goal is to reflect the diversity of our clients and the communities in which we practice.

What You Will Be Doing

The Cyber Security Analyst supports the firm’s cyber threat analysis and detection efforts, boosting the firm’s ability to detect, prevent and respond to potential data breaches. Confirms proper operation of security infrastructure and supports proper incident response. Leverages third party intelligence to detect events of interest. Assists with the development and utilization of information security controls including encryption, web gateways, endpoint controls, intrusion detection and prevention, anti-malware, and content monitoring.

About This Role

• Monitors and analyzes alerts, notifications, events, and log entries from a variety of sources including Security information and event management (SIEM), endpoint Detection and Response (EDR) tools and Manages Security Service providers and correlates incident data to identify specific vulnerabilities and appropriate remediations.
• Perform root cause analysis to identify security control gaps and develop effective prevention and detection strategies.
• Develop, document, and uphold procedures, practices, and policies for effective threat analysis and response.
• Conduct proactive analysis of internal activity trends, identifying and prioritizing missing or ineffective detection capabilities.
• Support security incident investigations using data analytics and digital forensics methodologies.
• Actively supports application of cyber security policy and participates in incident response by assisting in cyber defense incident triage, to include deciding scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
• Work closely with internal teams and systems owners to refine incident and event management processes, assess vulnerabilities, and recommend measures for detecting anomalous behavior.
• Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and establish which security issues may have an impact on the enterprise.
• Performs scripting and information analysis in general support of firm technology infrastructure.
• Perform cyber defense trend analysis and reporting.
• Assumes additional responsibilities as assigned.