Manager, Cybersecurity Threat Operations

Paul Hastings is a leading international law firm that provides innovative legal solutions to many of the world's top financial institutions and Fortune Global 500 companies. With a strong presence throughout Asia, Europe, Latin America, and the U.S., we have the global reach and extensive capabilities to provide personalized service wherever our clients' needs take us. As one of the world's leading law firms, we seek dynamic individuals who share our commitment to service, innovation, and professional growth.

We have an opening for a Manager, Cybersecurity Threat Operations.

The Manager, Cybersecurity Threat Operations is responsible for overseeing cybersecurity operations, essential in safeguarding our organization from evolving cyber threats. This role serves as the leader of a global team responsible for identifying internal threats to the firm as well as daily administration of various technical security platforms. This position requires strong people skills, a deep understanding of cloud security, enterprise-scale cyber technologies, and collaboration with cross-functional teams.

This role will report to the Director, Cybersecurity Engineering and Operations and will work together to develop Cybersecurity threat operations best practices, aligning them with the objectives of the enterprise security architecture. They will develop continuous security monitoring processes to promptly detect and respond to security incidents and vulnerabilities. This involves maintaining and improving real-time threat detection systems to enhance our proactive security posture.

In this capacity, the Manager, Cybersecurity Threat Operations will:

• Oversee daily security operations, including monitoring, incident response, threat detection, and vulnerability management. Implement best practices to enhance our security posture;
• Triage Service Now cases and resolve internally or warm handoff as appropriate to other teams;
• Handle Tier 1 and 2 day-to-day administrative and monitoring tasks in various Cybersecurity platforms under the guidance of SMEs;
• Manage and Improve a Security Operations technical architecture, including a comprehensive SIEM to provide 24x7x365 continuous monitoring and investigation of correlated security event feeds and the appropriate triage and escalation in case of an identified security events:
  • Develop and institute measurement of security operations center performance metrics, reports, and dashboards;
  • Monitor, detect, analyze, and respond to network defense incidents and develop use cases for security monitoring;
  • Familiar with various malware categories, their characteristics, and network-based indicators of compromise;
• Work closely with internal stakeholders in IT, Cybersecurity Architecture, Engineering, and Incident Response and with third parties to identify and remediate risks and track and report identified issues and risk remediation efforts.

In addition, the Manager, Cybersecurity Threat Operations will be expected to have:

• Significant expertise in Cybersecurity Operations and expert experience in one or more areas of Cybersecurity: Intrusion Detection and Mitigation, Network Defense, Network Traffic Analysis, Cloud Security, Incident Response, Cyber Threat Hunting;
• Strong managerial skills;
• Expertise on security trends and research to address potential security exposures;
• Strong written and verbal communication skills;
• Experience with network security, networking technologies, and network monitoring tools;
• Experience in the development and coordination of implementation plans to modernize and optimize security operations;
• Experience managing security operations to monitor systems for misconfigurations, anomalous activity, and network intrusion attempts;
• Understanding of SIEM/EUBA tools that encompasses utilization of the query language, configuration of data management, and operation of underlying infrastructure; and
• Familiar with various malware categories, their characteristics, and network-based indicators of compromise.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field (preferred);
• At least 7+ years of experience in information technology or security engineering; and
• Relevant certifications such as CISSP, CISM, CCSP, or Azure Security Engineer (strongly preferred).

Employees will be provided with an excellent career opportunity in a collaborative environment, in addition to a generous total compensation package with the opportunity to earn bonuses based on individual contribution and firm profitability.

Eligible employees can participate in the Firm's comprehensive benefits program, which include the following:

• Medical, Dental, Vision, Life/AD&D, Long Term Care, and Short and Long Term Disability
• Flexible Spending Account and Health Savings Account
• Healthcare Concierge and Advocacy
• Voluntary 401k Plan and Profit Sharing
• 10 Paid Holidays per year and a generous PTO program
• Family Support including Pediatric Mental Health and Parental Support, Paid Parental Leave, Fertility Benefits, and Breast Milk Shipping
• Back-up Child Care, Elder Care, and Tutoring
• Wellness Programs (Employee Assistance Program, Mental Health, and Well-Being Events)
• Retirement Plan Consulting
• Anniversary Bonus Program
• Professional Development Programs
• Transportation Allowance and Commuter Benefits
• International Travel Insurance
• Auto/Home/Legal Insurance
• Pet Insurance
• Employee discounts
• And more!

The Firm has a range of diversity initiatives including our Paul Hastings Affinity Networks (PHANs), Women's Initiative, and PH Balanced. These initiatives provide a firmwide forum to share experiences, as well as an opportunity to participate in a supportive network with common interests to help make life at the firm more inclusive. Learn more about our Global Diversity, Inclusion and Wellness Initiatives here.

Paul Hastings LLP is an equal employment and affirmative action employer F/M/Disability/Vet/Sexual Orientation/Gender Identity.