Senior Information Security Threat Analyst

Allen & Overy is a leading global law firm operating in over thirty countries. We work on some of the most challenging and important deals and have built a reputation for delivering exceptional legal solutions that help our clients grow, innovate and thrive. The legal industry is changing, and we're committed to leading that change, putting our people first, embracing new ways of thinking and integrating technology into our everyday work. Our business teams work hand-in-hand with our lawyers, Consultants and other specialist teams, and are ambitious, driven and leaders in their field.
- With us, you will constantly be learning and growing. We invest in you by offering exceptional professional and personal development - providing training, mentoring and practical support. We offer rewarding careers that are built around your strengths and designed to ensure you can achieve your personal and professional goals, recognising that those may look different for everyone.
- We have a powerful commitment to diversity, equity and inclusion. We’re determined to play our part in advancing a workplace where progress is made by harnessing our differences - whatever defines you, we ask you to bring your whole self to work. What truly defines a career at Allen & Overy? We recruit the best and ask for the best of you. We provide challenge, support and a place for you to belong. And together we excel, working on meaningful projects of global significance.**Department purpose**

The Global Information Security & IT Risk team is responsible for setting the firm wide strategy for Information Security and managing controls to ensure continuous alignment with the strategy and keep risks to acceptable levels. The team must deliver and support robust, reliable, scalable, and fully supportable integrated systems for business operations.-
**Role purpose**

The Senior Information Security Threat Analyst is accountable as the most senior member of Allen & Overy's Information Security Operations business as usual team in Singapore and is responsible for continual service improvement in the following areas: Information Security technologies including but not limited to, Cloud Security, AV, EDR, PKI, Key Vault, PIM and IAM. As well as Information Security principals including but not limited to, data loss prevention, preparing technical risk assessments, vulnerability management and threat hunting.**Role and responsibilities**

Reporting to the Information Security Operations Manager in Belfast with pastoral care from Head of IT APAC, this role will lead in taking ownership of day to day executive in the following areas:

- Maintaining, updating and continuously improving Cloud Security
- BMC InfoSec request tickets and incident queue management
- Security investigations management - taking the lead on investigations and managing to completion
- Prepare technical risk assessments
- PKI certificate management
- Anti-virus and EDR management and support
- Providing a point of technical leadership on nominated Infosec projects. This includes delivery of business funded projects, service improvements (SIPs) and system enhancements (SEs)
- Work closely with the Threat and Vulnerability Analyst in Singapore on basic threat hunting and vulnerability work
- Information Security Inductions
- Over 3 years’ experience in a 3rd line role in information security supporting some of the security technologies listed.
- A well founded understanding of security technologies.
- Good working knowledge of Microsoft Windows operating systems and networking technologies.
- Cloud and DLP technologies experience.
- Anti-virus and EDR technologies management and support experience.
- Excellent communication and presentation skills, both orally and written.
- An enthusiasm and passion for technology. The ability to promote information security within the firm, using business friendly language, and seek out opportunities with tangible business benefits.
- Highly self-motivated, self-starter, who will undertake all activities to the highest professional standards.

**You will stand out if you bring**
- Experience of complex IT Security incidents and investigations.
- Computer forensics experience.
- Experience supporting a Linux based environment.
- Commercial acumen, including an understanding of the overall picture of IT service costs and how IT adds value to the business.
- Experience of working in a global environment across international locations with an appreciation of multiple cultures.
- Knowledge of IT market and trends.
- Experience providing on call support.
- Proven track record in providing technical leadership and delivering enterprise wide solutions.
- Experience working within the professional services sector.
- Degree qualified - preferred.
- MITRE ATT&CK experience and knowledge.
- A passion for learning Threat Hunting and red team skills.
- Understanding and an interest in Vulnerability Management.
- Information Security related qualifications