Lead Security Operations Analyst

Leeds Full-Time

The Information Security & Resilience team are responsible for security activities across the DLA Piper International firm.

This role is an exciting opportunity to join our Cyber Security team in a pivotal role within Security Operations. Reporting to the Senior Security Operations Manager, the right person will be responsible for leading the detection and response of security incidents as well as help shape and develop our capabilities. This is a hands-on role and you’ll be expected to lead enhancements and refine our processes and procedures. You may also be called on to support exciting new projects supporting the firm as it undergoes significant transformation around technology and sustainability., As part of our in-house security operations team, you’ll work with the latest security technologies and industry leading service providers to detect and respond security incidents and support general security operations activities covering Asia Pacific, Middle East and Europe.

The Lead Security Analyst will be responsible for:

Providing subject matter expertise on detection, protection and response of security events and incidents
Liaising with the operational IT teams on incident response and improvements
Reporting on key operational metrics from the team
Ensure operational processes are documented and kept up to date using feedback from incident lessons learned
Ensure response capabilities are mature and tested on a regular basis
Educating and assisting in the development of Security Analysts
Design and implementation of custom use cases
Identifying areas of improvement in current tools and processes
Acting as a stand in for the Senior Security Operations Manager as needed, In everything we do connected with our People, our Clients and our Communities, we live by these values:
Be Supportive – we are compassionate and inclusive, valuing diversity and acting thoughtfully
Be Collaborative – we are proactive, passionate team players investing in our relationships
Be Bold – we are fearless and inquisitive, challenging ourselves to think big and find creative new solutions
Be Exceptional – we are strategic and driven, exceeding standards and expectations, We recognise that people have responsibilities and interests outside of their career and that as a business, we all benefit from working flexibly. That’s why we are open to discussing with candidates the different ways in which we are able to support requests for agile working arrangements.
Extensive industry experience related to infosec activities, (2-3 in a SOC environment)
Experience of wider operational security in international organisations
Demonstrable understanding of information security controls and technology
Team leadership/management
Excellent knowledge of technical security controls including, SIEM, SOAR, EDR, firewalls, IPS/IDS, web filtering, email filtering
Familiarity with frameworks such as, MITRE ATT&CK, Cyber Kill Chain, SIGMA, STRIDE
Knowledge of Cloud Security Services such as M365 stack
Fundamental understanding of cloud technologies (IaaS and SaaS)

The role works closely with the IT Operational teams so must have a good technical knowledge but the team being led is not responsible for day-to-day security engineering.

The ideal candidate will hold the usual security certifications (CISSP, CISM, GIAC etc) and will be a technically astute security all-rounder. It’s essential that the candidate can develop a holistic view of the firm’s security controls and be able to respond to security queries and incidents in an environment that is fast paced and sometimes demanding.

The following characteristics are essential: