Lead Analyst, Information Security

Join Our Leading Global Law Firm We are a prominent law firm recognized for our innovative strategies and dynamic growth. Our collaborative culture promotes teamwork and creativity, allowing us to operate across practices and global offices seamlessly. We are committed to fostering a supportive environment that values both our people and our clients. The Lead Analyst, Information Security plays a crucial role within our team, focusing on the daily operations of the Chief Information Security Officer's office. You will be encouraged to actively identify vulnerabilities and threats, contributing to our proactive security posture. This position is part of a global team empowered to handle their specific functions. Your primary responsibilities will revolve around managing incidents, requests, and monitoring security activities, guided by the Information Security Manager. At our firm, we emphasize the professional growth of our employees. As a Lead Analyst, you will have ample opportunities for development through on-the-job learning and targeted training, all within a mentoring and meritocratic framework. Success in this role requires establishing a strong alignment between our information security measures and business needs. Key considerations include: Safeguarding client confidentiality and adhering to regulatory requirements, such as data protection. Balancing effective protection with user efficiency; adopting a pragmatic approach while being aware of risks. Key Objectives: Enhance the firm’s capabilities to investigate, prevent, and address security breaches and deviations from security protocols. Serve as a technical expert, championing our Information Security infrastructure. Oversee Information Security monitoring and provide expertise for escalated issues. Manage the global Information Security incident/request queue effectively. Contribute to educational programs, procedural enhancements, and technical improvements aligned with the Information Security Management System. Assist in the management of technical controls outlined within the Information Security Management System. Responsibilities Include: Advocate for best practices and policies in Information Security. Serve as an intermediate escalation point and technical mentor to team members. Manage security incidents and requests in line with SLA guidelines. Review and escalate unusual event behaviors. Collaborate on enhancing Firm-wide security infrastructure and reporting incidents. Promote security governance and ensure adherence to policies protecting the Firm's confidentiality and integrity. Encourage collaboration across business functions to meet shared objectives while facilitating skills transfer and awareness. Work with project teams to ensure compliance with Information Security policies and standards. Identify threats and vulnerabilities proactively. Maintain awareness of industry security risks and promote effective countermeasures. Configure security parameters in monitoring systems and act as a point of escalation for alerts. Conduct document and privileged account reviews. Qualifications and Skills: Bachelor's degree in a technical field or equivalent experience in IT/Information Security. 5+ years of experience in Information Security infrastructure or transitioning from another technical discipline. Ability to adapt quickly to emerging threats and changing information. Expertise in Microsoft 365 Defender and Azure Sentinel for monitoring anomalies. Familiarity with endpoint security solutions and infrastructure (EDR, vulnerability management, DLP, etc.). Knowledge of cloud-based security solutions and securing cloud environments (AWS, Azure, GCP). Experience with security compliance frameworks and automation tools for incident response. Understanding of security technologies such as firewalls, IDS/IPS, and SIEM. Security certifications (e.g., CompTIA Security+, CISSP, CISA) preferred. Familiarity with security frameworks like ISO 27001, NIST, and Mitre is a plus. Adept at managing phishing and impersonation attacks efficiently. Experience with service management tools. Knowledge of legal tech platforms (iManage, Relativity, NetDocuments) is a plus. Personal Attributes: Strong sense of responsibility and adherence to security practices. Excellent technical security understanding. Self-motivated, calm, and methodical under pressure. Exceptional interpersonal skills and integrity, with clear communication abilities across levels. Agile approach to task management, responsive to changing risks. Cooperative, service-oriented, and able to work within a global team. Good judgement regarding confidentiality and information sensitivity. Adaptable and eager to learn new skills. About Our Team: The Information Security function encompasses strategic security planning and risk management across the firm. We operate a variety of security solutions directly, including anti-malware and vulnerability scanning platforms, while collaborating with other departments for comprehensive security controls. Adhering to ISO 27001 standards, our team reports directly to the Firm's CISO. We are committed to a competitive benefits package that includes comprehensive health coverage, paid time off, and generous parental leave. Our firm values equal opportunity and diversity, and we provide reasonable accommodations to individuals with disabilities. Join us and make a meaningful impact in the field of Information Security!

Created: 2026-03-04