Incident Response and Forensics Analyst I

About Kirkland & EllisAt Kirkland & Ellis, we are united in our ambition and drive to move forward. We share core values that help us achieve excellence: collaboration, talent empowerment, service, inclusion, respect and gratitude. Our people are our greatest asset, and we invest in the brightest talent and encourage a diversity of perspectives and strengths to create dynamic teams that operate at the pinnacle of their field. Our talented professionals show up every day knowing they will engage in meaningful work, continuous learning and professional development.As one of the world’s leading law firms, we serve a broad range of clients with market-leading practices in private equity, M&A and other complex corporate transactions; investment fund formation and alternative asset management; restructurings; high-stakes commercial and intellectual property litigation; and government, regulatory and internal investigations. We handle the most complicated and sophisticated legal matters because we don’t just meet industry standards, we create them. We bring innovation and entrepreneurialism to every engagement and, as a result, have long-standing client relationships with leading global corporations and financial sponsors. With 6,500 employees (including 3,500 lawyers) operating from 20 offices across the United States, Europe, the Middle East and Asia, we are one of the largest law firms in the world and a top financial performer.Essential Job FunctionsThe Incident Response and Forensics Analyst I role is part of the Security Governance department and reports to the Director of Cyber Security Architecture and Forensics. The Security Governance department leads in protecting the firm from Cyber and Physical threats, and assists with assuring compliance to contractual, legal, and ethical requirements. Risk to the firm is reduced by providing clear direction for the secure delivery of technology, active identification of risks, and rapid response to threats. Security Governance is led by the CSO who reports to the CAO and works directly with the firm’s General Counsel.ResponsibilitiesAs part of the Cyber Security Architecture & Forensics team, the Incident Response and Forensics Analyst has the following firmwide responsibilities:• Threat Intel: Manage, create, and investigate via third party intel threat managers, threats to industry, company and or personal.• Forensic: Create, manage, and investigate utilizing standard tools such as FTK, Encase and similar tools in a manor to ensure 100% integrity of evidence.• CIRT: Core team member.• Threat Hunter: Manage and participate in 3rd party Red and Purple teaming events.• Investigations: When directed, conduct investigations which could include but is not limited to, Highly Sensitive matters, Insider threats, HR related events and other non-traditional Security Incidents.• Second/Third Level tech support: Assist Security Operations when requested in reviewing security events and help determine root cause and provide guidance with escalation of those events. Due to the nature of Incidents this position is expected to be available when required, which sometimes fall outside of normal working hours.• Able to self-manage and complete tasks, sometimes in a limited time frame and ability to work outside normal channels to accomplish assigned tasks.• Proficient in employing scripting languages and data analysis software to scrutinize extensive logs and disorganized data, providing insights for investigative queries.• Skilled in managing actual security incidents and conducting detailed analysis of adversary tactics and strategies.• Leading and owning tasks during incidents which can include guiding teams with correct procedures in preservation of data and incident response.• Assist with damage assessment and cause and origin investigations.• Performing forensic analysis of systems and performing complete technical and investigative reports to seniors on the forensics teams• Working with senior team members to prepare materials as related to presentation.• Perform peer reviews and condition assessments.• Facilitate communication and coordination between internal teams and if necessary, external resources.• Ability to identify cyber security risks, indicators of compromise and remediation tasks as they pertain to Cyber Security• Assist with the remediation of findings.• Must possess a high degree of integrity and confidentiality as well as the strict adherence to both company policy and good practices.Qualifications & RequirementsThe following experience and education does not need to be consecutive and is preferred. Any combination of experience, education, and certification that demonstrates that the candidate can be successful in the position will be considered.Experience• Minimum five (5) years of experience in Information Technology operational and/or engineering roles of which at least three (3) years of experience in IT security, compliance, or risk management developing and deploying security technologies, policies, standards, and procedures.• Understanding of industry standard frameworks such as ISO 27001, NIST 800-53, CSF, CIS, ATT&CK Matrix.Technologies• Advanced Endpoint Security• Forensic toolkits – Encase, FTK or other similar tools• Agent Based Data Loss Prevention (Host DLP)• Application Allow\Blocklisting• Azure IaaS & PaaS Security• Cloud Access Security Broker (CASB)• Cloud Security Posture Management (CSPM)• M365 Security Suite• Network IPS/IDS• Next Generation Firewall• Privileged Access Management• SIEM• Vulnerability Management• Web Application Firewall (WAF)Education & Professional Certification• Bachelor’s degree or better in Cyber Security or similar is preferred.• CISSP, CISM and technically focused certifications is preferred.Core SkillsCommunication• Developing organizational mission, objectives, milestones, and plans with little supervision.• Independent and persuasive business writing.• Listening, understanding, and articulating technical and non-technical information (both written and oral formats) to customers, peers and/or management in a one-on-one or team context with some oversight.• Effective production support activities, including technical writing and the creation of documentation, training, and other communications without frequent supervision.• Has developed active listening skills.Decision Making• Produces effective and practical decisions and problem solutions based on a mixture of analysis, experience, and judgment.• Provides innovative and insightful ideas.• Perceives the cross impact on other engagements.• Determines personnel needs and staffing.Interpersonal Skills• Capable of defusing complex interpersonal issues effectively.• Negotiates skillfully in very difficult situations with both internal and external groups.• Inspires and motivates.• Recognized as a positive and motivational leader on the team.Strategic/Change Leadership• Builds strategy and focuses on six months to one-year plans.• Contributes individually or through others on complex issues or initiatives.• Facilitates group progress on complex issues and initiatives.Program/Project Management• Spearheads complex programs that span multiple inter-organizational units and clients.• Interfaces with senior management.How To ApplyThank you for your interest in Kirkland & Ellis LLP. To complete an application and submit your resume, please click "Apply Now."Equal Employment OpportunityAll employment decisions, including the recruiting, hiring, placement, training availability, promotion, compensation, evaluation, disciplinary actions, and termination of employment (if necessary) are made without regard to the employee’s race, color, creed, religion, sex, pregnancy or childbirth, personal appearance, family responsibilities, sexual orientation or preference, gender identity, political affiliation, source of income, place of residence, national or ethnic origin, ancestry, age, marital status, military veteran status, unfavorable discharge from military service, physical or mental disability, or on any other basis prohibited by applicable law.Closing StatementThe www.kirkland.com job postings and recruiting mailbox are for candidates only. If you are a recruiter, search firm or employment agency, and do not have a signed contract with Kirkland & Ellis LLP ("K&E") and have not been asked specifically to submit candidates, you will not be compensated in any way for your referral of a candidate even if K&E hires the candidate. Direct contact with K&E employees in an attempt to present candidates is inappropriate and will be a factor in determining any future professional relationship with the Firm.