Morgan, Lewis & Bockius LLP, one of the world's leading global law firms with more than 4,000 lawyers and staff in 31 offices, is currently seeking a Cyber Security Analyst, reporting to the Sr. Director of Information Security & Compliance. The Cyber Security Analyst is responsible for proactively protecting information assets from unauthorized or inappropriate access, through prevention, detection, monitoring, threat hunting and evaluation of current threats. She/he is responsible for contributing to investigations by performing technical analysis of alerts, events and files. In addition to working closely with IT and the Business, she/he may also be required to have occasional interaction with internal and external entities, clients, security contractors, and other professionals. She/he may also mentor at least one Cyber / Information Security Analyst.The candidate must reside in close proximity to a Morgan Lewis office.PRIMARY FUNCTIONS AND RESPONSIBILITIES Review alerts generated from monitored security events, including data loss protection and data movement, escalate alerts through proper channelsUse advanced analytic tools to determine emerging threat patterns and vulnerabilitiesResearch and evaluate emerging cyber security threats and suggest/implement ways to detect and respond to themTriage and analyze emails submitted to 'Report Phish'Analyze email threats and attack patterns, provide reportingKeep up to date with the latest cyber security and technology developmentsProvide user administration tasks for a disaster recovery document repositoryUpdate contingency and disaster recovery plans, based on new threats and attack vectors and data destruction capabilitiesReview third party penetration testing results, interface with service owners and suggest remediation; maintain an information security risk register & track through completionPerform vulnerability scans both scheduled, assigned and adhoc, when requiredAssist with internal and external audit findings relating to cyber securityPrepare IT and IT Security related correspondence, responses to proposals, memos and reportsResearch test and evaluate new or alternative security productsWhen required engage in 'ethical hacking', for testing and simulating security breachesParticipate in investigations and incident responseGenerate reports for both technical and non-technical staff and stakeholdersOther duties as assigned.EDUCATION, EXPERIENCE AND EXPERTISEThis job requires: a Bachelor's Degree (BA) from a four-year college or university (preferably in Computer Science, Information Systems, Computer Engineering, or related field),and,minimum 4 years of information / cyber security-related experience,or, equivalent combination of education and experience.Understanding of general information security controls, processes and principlesExperience with cloud environments and controlsFamiliarity of network infrastructure and system platformsCERTIFICATES, LICENSES, REGISTRATIONSPreference: CISSP, CISA, GIAC, CEH, CFCEOTHER QUALIFICATIONS AND REQUIREMENTS: To perform the job successfully, an individual must demonstrate the following knowledge skills and abilities:Broad knowledge of network protocols such as FTP, Telnet, SMTP, DNS, or HTTPSUnderstanding of MITRE ATT&CK framework tactics and techniquesITAR, CUI, CMMC and NIST experience preferredAbility to work effectively in a team-oriented environment, and the ability to work independentlyExperience with one cloud environment (GCP, AWS, Azure; prefer Azure)Familiarity with general information security controls, processes and principlesKnowledge and/or experience of computer vulnerabilities, such as, buffer overflows, code injection, format string, etc.Experience analyzing alerts and tickets; investigative skills a plusCOMPUTER SKILLSTo perform this job successfully, an individual must be proficient in three of the following areas:Ability to investigate and hunt for threatsVulnerability Scanning Software (ie Tenable, Rapid7, Qualys)Application Security Scanning Software (preferred but not required)Understanding of various endpoint security softwareCentralized log monitoring software (ie Splunk LogMon, Qradar)Knowledge of cloud environments and current related threats & trendsOverall basic knowledge of Microsoft operating system, Active Directory, Cisco technologies, computer operations and network design topologyYou must be fully vaccinated against COVID-19 by your hire date to be eligible for starting in the role. Proof of vaccination will be required. Morgan Lewis will provide reasonable accommodation(s) based on medical or religious grounds for qualified candidates.Morgan, Lewis & Bockius LLP is committed to equal employment opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities. We value and encourage diversity and solicit applications from all qualified applicants without regard to race, color, gender, sex, age, religion, creed, national origin, ancestry, citizenship, marital status, sexual orientation, physical or mental disability, medical condition, veteran status, gender identity, genetic information, or any other characteristic protected by federal, state, or local law.Pursuant to applicable state and municipal Fair Chance Laws and Ordinances, we will consider for employment qualified applicants with arrest and conviction records.California Applicants: Pursuant to the California Consumer Privacy Act, the following link contains the Firm's California Consumer Privacy Act Privacy Notice for Candidates which explains the categories of personal information that we collect and the purposes for which we use such personal information. CCPA Privacy Notice for CandidatesMorgan Lewis & Bockius LLP is also an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law.If you are interested in applying for employment with Morgan Lewis and need special assistance or an accommodation to use our website or to apply for a position, please call or email the following contacts:Professional Staff positions: Please call 888.534.5003 or email talent.acquisition@Lawyer/Summer Associate positions: firmattorneyrecruiting@Determination on requests for reasonable accommodation are made on a case-by-case basis.PDN-94a07235-ac84-4c7c-8cbf-ed21fd8fa509