Lead Security Operations Analyst
The Information Security & Resilience team are responsible for security activities across the DLA Piper International firm.
This role is an exciting opportunity to join our Cyber Security team in a pivotal role within Security Operations. Reporting to the Senior Security Operations Manager, the right person will be responsible for leading the detection and response of security incidents as well as help shape and develop our capabilities. This is a hands-on role and you’ll be expected to lead enhancements and refine our processes and procedures. You may also be called on to support exciting new projects supporting the firm as it undergoes significant transformation around technology and sustainability.
MAIN DUTIES AND RESPONSIBILITIES
As part of our in-house security operations team, you’ll work with the latest security technologies and industry leading service providers to detect and respond security incidents and support general security operations activities covering Asia Pacific, Middle East and Europe.
The Lead Security Analyst will be responsible for:
- Providing subject matter expertise on detection, protection and response of security events and incidents
- Liaising with the operational IT teams on incident response and improvements
- Reporting on key operational metrics from the team
- Ensure operational processes are documented and kept up to date using feedback from incident lessons learned
- Ensure response capabilities are mature and tested on a regular basis
- Educating and assisting in the development of Security Analysts
- Design and implementation of custom use cases
- Identifying areas of improvement in current tools and processes
- Acting as a stand in for the Senior Security Operations Manager as needed
ABOUT YOU
- Extensive industry experience related to infosec activities, (2-3 in a SOC environment)
- Experience of wider operational security in international organisations
- Demonstrable understanding of information security controls and technology
- Team leadership/management
- Excellent knowledge of technical security controls including, SIEM, SOAR, EDR, firewalls, IPS/IDS, web filtering, email filtering
- Familiarity with frameworks such as, MITRE ATT&CK, Cyber Kill Chain, SIGMA, STRIDE
- Knowledge of Cloud Security Services such as M365 stack
- Fundamental understanding of cloud technologies (IaaS and SaaS)
The role works closely with the IT Operational teams so must have a good technical knowledge but the team being led is not responsible for day-to-day security engineering.
The ideal candidate will hold the usual security certifications (CISSP, CISM, GIAC etc) and will be a technically astute security all-rounder. It’s essential that the candidate can develop a holistic view of the firm’s security controls and be able to respond to security queries and incidents in an environment that is fast paced and sometimes demanding.
The following characteristics are essential:
- Customer focused and Service minded
- Excellent communication and collaboration skills
- Passionate about Information Security, Cyber and technology
- Appreciation for working in a global organisation with different cultures
- Pro-active, inquisitive and resourceful
- Methodical and analytical
- Organised and self-motivated
- Desire to develop (themselves, their colleagues and their capabilities)
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
