Vacancy expired!
About Kirkland & Ellis
Kirkland & Ellis LLP is a preeminent, full-service law firm with offices around the world and a staff as diverse as the practice areas we support. Our clients range from Fortune 100 companies to medium and small corporations, financial institutions, and private equity firms. Known for our commitment to excellence, Kirkland strives to provide superior service to our clients as well as our fellow employees. From Information Technology to Human Resources, Paralegal Services to Business Development, Kirkland offers non-attorney professionals challenging careers in a variety of functional areas. Whether starting or growing your career, Kirkland can offer a performance-driven culture filled with bright and innovative teams of co-workers. Essential Job Functions The Security Operations Engineer role provides daily incident response in addition to providing 24x7 support and operational availability of Kirkland's security infrastructure. Responsibilities include the monitoring and investigation of security alerts, implementation of new security technologies, day-to-day operations, and change management of all deployed security technologies. Essential Functions: (This list is not exhaustive and may be supplemented and changed as necessary.)- Analyze potential infrastructure security incidents to determine if incident qualifies as a legitimate security breach.
- Monitor and correlate security event log information to identify and detect anomalous activity.
- Document and conform to processes related to security monitoring, patching and incident response.
- Implement techniques using the most advanced technologies to hunt for the unknown threats in the environment
- Appropriately inform and advise management on incidents and incident prevention.
- Participate in knowledge sharing with other analysts and develop solutions efficiently.
- Upgrade security systems by monitoring security environment; identifying security gaps, evaluating and implementing enhancements.
- Enhance department and organization reputation by delivering quality results and exploring opportunities to increase value and raise awareness of Information Security Program.
- Partner closely with IT or business teams across the Firm to implement secure solutions that reduce business risk by ensuring confidentiality, integrity, and availability.
- Bachelor's degree required, preferably in cybersecurity or other IT-related field
- At least four (4) years in an IT-related field or at least two (2) years working in cybersecurity required. Experience in an MSSP or SOC preferred.
- Programming and scripting skills such as PowerShell, Python, etc. preferred.
- Microsoft Outlook, Word, & Excel required.
- Experience investigating security incidents using various security tools including EDR tools such as Carbon Black, CrowdStrike, or Cylance required.
- Experience with Security Information and Event Management (SIEM) such as Splunk, LogRhythm, or QRadar including event analysis, alert generation, investigations, and reporting preferred.
- Experience using file sandbox technology to detonate and analyze potentially malicious documents and executables preferred.
- Experience with other security-related technologies including Intrusion Prevention/Detection Systems, Firewalls, Content Filtering Technology, Vulnerability Scanning/Management Solutions preferred
- Comptia Security+, Network+, Cybersecurity Analyst
- GIAC Information Security Fundamentals or Security Essentials Certification
- Certified Information Systems Security Professional (CISSP)