Lead Consultant - Cyber Risk Services
The Lead Consultant, under direction of the Managing Principal of Hogan Lovells-Cyber Risk Services (HL-CRS), shall be responsible for billable support for the information security needs of clients of the firm’s Cyber Security practice. The position will provide support for incident response engagements, client security assessments, regulatory compliance assessments and numerous other assignments relating to cyber security consultations. The position shall work closely with partners and associates in the Cyber Security Practice in order to meet the needs of our clients.
The Lead Consultant will support and bill appropriately for client engagements, which will include teams of both technical and legal professionals. The position will not have any direct reports.
The Lead Consultant will:
- Investigate network intrusions and other cyber security breaches to determine the cause and extent of the breach;
- Participate in technical meetings and working groups to address issues related to malware security, vulnerabilities, and issues of cyber security and preparedness;
- Perform assessments of client security programs and make strategic recommendations and priority recommendations related to improvements;
- Prepare and write reports and briefings related to client security engagements;
- Develop incident response plans and procedures tailored to specific client needs;
- Support the development and implementation of security-oriented policies, procedures, and operating practices;
- Maintain significant knowledge of Cyber threat actors, attack methodologies and mitigation/remediation methods;
- All members of the firm are encouraged to participate in our Global Citizenship program; and
- Other duties as assigned.
- Five (5)+ years of experience in information security positions, with two (2)+ years experience in a role providing information security or information risk management consulting services.
- Two (2)+ years of experience in a professional services organization (such as a law firm, accounting practice, or similar data-intensive operation) preferred.
- Experience overseeing an ISO 27001 certification program, with certification as an ISO 27001 Lead Implementer or Auditor preferred.
- Significant experience managing incident response, computer crime, or forensics investigation programs required.
- Significant knowledge of cyber threat actors and there attack methodologies are required.
- Significant knowledge of information security technologies, networking and network architecture required.
- Strong communication skills.
- Proven ability to manage competing priorities and work under pressure.
- College degree preferred.
- Current information security certification as a GIAC, CISSP, CISM, CIPP or CFE required. Multiple designations desired.
- A global perspective on privacy, security, and data protection issues and trends.
Core hours are Monday through Friday, 9:00 a.m. to 6:00 p.m., including one hour for lunch, with additional hours as needed. Flexibility for both domestic and international travel.
This job description sets forth the authorities and responsibilities of this position and may be changed from time to time as shall be determined.
Hogan Lovells is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, age, national origin, disability, sexual orientation, gender identity or expression, marital status, genetic information, protected veteran status, or other factors protected by law.