Our Client is a leading international law firm that provides innovative legal solutions to many of the world's top financial institutions and Fortune Global 500 companies. With a strong presence throughout Asia, Europe, Latin America, and the U.S., we have the global reach and extensive capabilities to provide personalized service wherever our clients’ needs take us. As one of the world’s leading law firms, we seek dynamic individuals who share our commitment to service, innovation, and professional growth.

The Manager, Cybersecurity Incident and Breach Response, is responsible for developing processes and support technologies for the execution of the responsibilities within the Cyber Incident and Data Breach Response functions, as well as act as a liaison to other teams. This will include, but not be limited to, assisting with the development of programs for vulnerability assessments and management, MSP vendor management, security monitoring, security metrics and reporting, and incident response readiness and management.

In this capacity, the Manager, Cybersecurity Incident and Breach Response will:

• In support of our Client's Business Continuity Management program, implement and manage the monitoring and incident handling program including the technologies, processes, training and documentation needed to ensure the organization can effectively detect and respond to security incidents;
• Liaise with the Security Operations and Engineering team to assure continuous 24x7x365 monitoring to establish response to security events, investigation of correlated security event feeds, and the appropriate triage and escalation in case of an identified security incident or data breach;
• Mature and manage domain and email-based threat intelligence and threat analytic functions in order to provide related threat intelligence information for effective security operations and security incident response, focusing on events that are likely to lead to a compromise;
• Oversee the Incident Response (IR) program, including documentation, awareness, exercises, and response through all phases of an incident to include post-incident documentation and coordination;
• Support the operational IR or data breach response coordination in the event of an actual incident; and
• Act as liaison and point of entry between Information Technology (IT) when coordinating either security IR or operational disruption IR activities.

In addition, the Manager, Cybersecurity Incident and Breach Response will be expected to have experience with the following areas of responsibility:

• Experience managing security operations for IT infrastructure (Vulnerability Management Program, advance incident response, cyber forensic investigation, endpoint security, EDR Tool, and exercise development / execution);
• Significant expertise in Cyber Security Incident Response and experience in one or more areas of Cyber Security: Intrusion Detection and Mitigation, Network Defense, Network Traffic Analysis or Operating System Security, Forensics, Incident Response, Cyber Threat Hunting, or Malware Analysis and Reverse Engineering;
• Knowledge of general attack stages, including foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, and covering tracks;
• Familiarity with various malware categories, their characteristics, and network-based indicators of compromise;
• Familiarity with networking vulnerabilities and exploit methods such as DDoS, XSS attacks, SQL injection and how to recognize attacks in-progress;
• Enterprise-level experience performing incident triage, analysis, response, and remediation for computer network intrusions, web application and server attacks, insider threats, and malware infections;
• Ability to evaluate available information, identify information gaps, recreate incident timeline of event activity;
• Experience working in a federated functional organization and influencing leadership and employees not in your direct management chain/scope of control;
• Demonstrated ability to team across organizational boundaries and geographical locations to collaborate with and influence others; and
• Possess excellent communication skills, human relation skills, organizational skills and analytical skills as well as proven information security leadership experience in a medium-to-large organization.

Proficiencies:

• Thorough understanding of the latest security principles, techniques, and protocols;
• Experience maintaining metrics and SLAs;
• Detailed technical knowledge of network, database, and/or operating system security;
• Knowledge of NIST 800-62 and other industry regulatory standards as they pertain to reporting incidents;
• Hands on experience in security systems, including vulnerability management, identity and access management, security risk assessments, application testing, etc.;
• Experience with network security, networking technologies, and network monitoring tools;
• Working knowledge of IT processes (i.e., ITIL) including incident, problem, defect, change and release management; and
• Experience with secure architecture principals, secure SDLC, security system integration and configurations, and troubleshooting.

Qualifications:

• Minimum of 12 years of experience with cybersecurity or information technology (preferred);
• At least 10+ years’ experience in an Incident Response capacity (SOC/NOC/watch floor, incident response, threat hunting team, forensic team, etc.) (preferred);
• At least 7 years in a legal or professional services environment (preferred); and
• BS degree in Computer Science or related field (required).

Employees will be provided with an excellent career opportunity in a collaborative environment, in addition to a generous total compensation package with the opportunity to earn bonuses based on individual contribution and firm profitability.

Eligible employees can participate in the Firm’s comprehensive benefits program, which include the following:

• Medical, Dental, Vision, Life/AD&D, Long Term Care, and Short and Long Term Disability
• Voluntary 401k plan and profit sharing
• 10 paid holidays per year, and a generous PTO program
• Family Support including Paid Parental Leave and Fertility coverage
• Bright Horizons (Back-up child care, elder care and online tutoring)
• Dependent Care
• Wellness programs (Employee Assistance Program, mental health and well-being events)
• Anniversary Bonus Program
• Professional Development Programs
• Transportation Allowance and Commuter Benefits
• Auto/Home/Legal Insurance
• Pet Insurance
• Employee discounts
• And more!