Keen to become part of a truly global, collaborative team of professionals? Your journey begins here.
The Information Security Analyst will be responsible for helping to safeguard data and services spanning across applications, servers, and end-user assets. The Information Security Analyst will leverage provided security tools, automations, and manual investigations to understand risks to the environment, and help stop threats in real time. The Analyst will be highly involved in the Information Security community as part of a global Information Security team.
- Research and respond to security questions, emails, and tickets from lawyers and business services employees at all levels within the Firm
- Work with our managed security service provider (MSSP) to understand alerts and to perform needed actions to mitigate risk
- Design and improve security automation processes
- Create security testing plans and test cases
- All members of the firm are expected to participate in our Responsible Business program
- Other duties as assigned
REQUIRED SKILLS
- Understanding of security vulnerabilities and attacks (hardware, firmware, software, network, and people), and the ability to understand new ones based on developing technology
- Understanding of security principles, IT security controls, and OWASP top 10 Mobile and Web application vulnerabilities
- Familiarity with the MITRE ATT&CK threat model to quantify security risks
- Ability to communicate technical information, both in writing and verbally, to non-technical users and engage with individuals in the organization in a clear and professional manner
- Ability to work independently and efficiently in a fast-paced environment with or without direct supervision and coordinate multiple projects with a geographically diverse team
EDUCATION, CERTIFICATIONS, AND/OR EXPERIENCE
- Three (3) to five (5) years of experience working in IT, with knowledge of security principles
- Two (2)+ years of experience with Microsoft Active Directory, Azure, and/or the Defender suite
- Experience with defensive technology such as NG Firewalls, EDR solutions, and SIEMs.
- Industry certifications such as GREM, GCFA, GCFE, CEH, Security+, etc. are desirable.
- Scripting or API development experience with Python desirable.
- Undergraduate degree preferred.
Core hours will be Monday through Friday, 9:00 a.m. to 6:00 p.m., with additional hours worked as necessary. Some on-call time may be required.
This job description sets forth the authorities and responsibilities of this position and may be changed from time to time as shall be determined.
Hogan Lovells is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, age, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information or protected Veteran status.