Cyber Security Analyst

The role

This role is for a cyber security analyst in Clifford Chance's cyber security team.

Clifford Chance has a global estate and 7000+ staff; it is imperative that we maintain the security of the estate and enable the legal advisors and others to carry out their work.

The cyber security analyst will be responsible for managing and investigating cyber incidents, ensuring that incidents are handled from beginning to end and are properly contained and remediated. You will work closely with MSSP and internal IT teams

This role will suit a highly motivated individual, with keen attention to detail, who can demonstrate an exceptional analytical skill set and knowledge of current and evolving Cyber threats and developing strategies for their detection and mitigation.

Who you will work with

You will work within the cyber security team at Clifford Chance, alongside the information security team, reporting into the Head of Cyber Security. You will work with several IT and business risk colleagues across the business on incidents and wider improvement projects.

You will be working with colleagues in the security team primarily in the UK and India, however you will work with IT and business teams across the world.

What you will be responsible for

Key responsibilities of the Cyber Security Analyst:

• Manage and respond to cyber security incidents from initial triage through to close.
• Work with Major Incident Management teams and Head of Cyber Security to manage and investigate serious incidents as required.
• Document incidents clearly and report upwards as required.
• Investigate incidents using a range of tooling – such as endpoint analysis via Microsoft Defender, use of SIEM products, log analysis and malware analysis. 
• Operate several tools but not limited to Vulnerability, SOAR, Threat Hunting, External Exposure, BAS.
• Research and incorporate relevant threat intelligence during the incident investigation and in written and verbal reports.
• Maintain current tooling and best practise knowledge in relation to attacker tactics and techniques, response processes, containment and remediation of incidents.
• Track cyber threat actors/campaigns based off technical analysis and open source intelligence.
• Perform threat hunting activities across the network, including designing and running threat hunts.
• Triage and investigate emails reported by CC employees in accordance with established processes
• Ability to troubleshoot the log feed interruption for the logs sources ingesting logs in SIEM tool and restore the feeds
• Liaise with Architecture, IT Operations, Network Security and IT Risk to implement security enhancements and during incidents.

What you will do

• Handle incidents and alerts on a daily basis by utilising Microsoft cloud solutions, log analysis, malware sandboxing, and speaking to other IT teams and users as required.
• Work across the UK and India Cyber Security team – reporting upwards, sharing knowledge across the wider team, and maintaining regular contact.
• Support penetration tests and improvement projects – ensuring all are delivered smoothly.
• Liaise with Architecture, IT Operations, Network Security and IT Risk for new projects, incidents, vulnerabilities and other issues.
• Support and be part of the on-call rota.
   

Your experience

• The cyber security analyst will have at least 3-5 years experience in cyber security and incident handling. Key areas of essential experience include:
• 3+ years of hands on cyber incident response experience with proven capability and experience of investigating, managing and remediating cyber security incidents.
• Knowledge of data breaches, ransomware, fraud and other types of serious incident.
• Knowledge of current and emerging advanced cyber threats, attack and evasion techniques, command and control infrastructures and insider threat behaviour.
• Experience in escalating and articulating security concepts to senior, technical and non-technical audiences.
• Strong organisational, communication and project management skills.
• Strong Azure / M365 cloud knowledge and experience as well as on-premises IT experience.
• Usage of investigation tools such as malware sandboxes, SIEMs, log analysis tooling, network traffic analysis, endpoint analysis (event logs, files, processes).
• Experience with vulnerability scanning and management tooling and interpretation of results.
• Experience working in a team-oriented, collaborative environment.
• Experience with standard on-premises security products such as firewalls, proxies, endpoint solutions.
• Threat modelling and use case development and the MITRE ATT&CK framework to guide detection rulesets, threat hunting and investigations.
• AI Knowledge and hands on experience
   

Who we are

As a global law firm our work spans jurisdictions, cultures, and languages – and so do our people.

Our culture is collaborative and inclusive — where diverse perspectives are recognised and valued. Where performing to your highest ability, unlocks equal access to opportunities to learn, thrive and grow. 

We combine deep legal expertise and commercial intelligence to grow, transform, protect, and defend our clients' businesses, across every critical moment.

We operate in the sectors and regions that matter to our clients. With forward-thinking insights and innovative, tech-enabled solutions that combine deep knowledge of their sectors and markets.

You’ll build connections and work with colleagues as one global team. You’ll unlock opportunities for clients, across borders, cultures, legal and commercial disciplines.

Join us to work with colleagues as one global team – empowering each other to be exceptional and create advantage for our clients.

Our India team is a well-established and integral part of the firm’s global operations, delivering high-value support across a wide spectrum of functions. With over 800 business professionals based in Gurugram and Hyderabad, we’ve been driving operational excellence and innovation for more than 15 years.

We contribute to global success in areas such as Information Technology, Finance, Human Resources, Risk & Compliance, Legal Support, Research & Knowledge, Document Production, Virtual Executive Assistance, Programme Management, Client & Market Development, and Continuous Improvement.
 

How we will support you

From your first day with us, you will have varied opportunities to continuously grow and development your skills and knowledge. From formal training, informal coaching and mentoring through to skills-based and technical training and on the job learning.

Equal opportunities

At Clifford Chance, we understand that our true asset is our people. Inclusion is good for our team and their families, our firm and society.

We are committed to treating all employees and applicants fairly and equally regardless of their gender, gender identity and expression, marital or civil partnership status, race, colour, national or ethnic origin, social or economic background, disability, religious belief, sexual orientation, or age.  This applies to recruitment and selection, terms and conditions of employment including pay, promotion, training, transfer and every other aspect of employment.

We have a variety of flourishing employee networks. These networks are a place for colleagues to share experiences and advocate for change wherever they see an opportunity for improvement.

Our goal is to deliver an equality of opportunity, an equality of aspiration and an equality of experience to everyone who works in our firm. 

Find out more about our inclusive culture here.