Senior Director, Information Security Threat Hunting, Detection & Incident Response


Title: Senior Director, Information Security Threat Hunting, Detection & Incident Response

Location: New York

Job Summary

Gibson Dunn is a leading global law firm, advising clients on significant transactions and disputes. Our exceptional teams craft and deploy creative legal strategies that are meticulously tailored to every matter, however complex or high-stakes. The firm’s work is distinguished by a unique combination of precision and vision.

Based in New York, Washington D.C. or Los Angeles, the Senior Director, Information Security Threat Hunting, Detection & Incident Response will be responsible for the ongoing development and oversight of all aspects of the threat hunting, detection and incident response program, including developing processes, procedures and policies that ensure threats are detected, responded to and resolved in a timely manner.

The Senior Director, Information Security Threat Hunting, Detection & Incident Response advises the Information Security Team on the tactics, techniques and procedures of current threat actors, emerging threats, relevant and timely IOCs and all aspects of threat hunting, detection and analysis. The scope of this position is firm wide and requires a thorough understanding of all the IT systems the firm uses, and how those systems are secured.

This role reports to the Chief Information Security Officer.

Responsibilities include:

  • Developing, managing and evolving a comprehensive, state-of-the-art threat hunting, event analysis and incident response capability.
  • Performing detailed and complex analysis tasks, including malware analysis.
  • Providing technical leadership for all relevant information security platforms.
  • Serving as the final escalation point for issues related to threat hunting, event detection/analysis and incident response.
  • Overseeing and directly participating in the administration of the firm’s SIEM and other relevant information security technology platforms.
  • Taking the lead role in responding to and containing information security related incidents.
  • Ensuring IOAs and IOCs are integrated into relevant systems and platforms in a timely manner.
  • Managing and curating both human-readable and machine-readable threat intelligence.
  • Partnering with IT managers to develop and maintain best practices and policies for security of all internal systems.
  • Communicating with firm Senior Leadership in the absence of or as directed by the Chief Information Security Officer.
  • Playing a primary role in the selection of new information security technologies.
  • Overseeing and directly participating in the installation, configuration, and monitoring of relevant information security technologies.
  • Assisting in the development and knowledge transfer to information security team members, as well as other IT or firm groups.

Qualifications

  • Strong written and oral communication skills.
  • Excellent customer service skills and sense of urgency when resolving issues.
  • Organized, responsive and highly thorough problem solver.
  • Ability to relate to non-technical users in user-friendly language.
  • Ability to understand the technical implications of security threats.
  • Ability to effectively prioritize and action threat intelligence.
  • Ability to work collaboratively across departments.
  • Ability to motivate and lead a team of diverse technical professionals.
  • Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a high-pressure environment.
  • Ability to write clear and concise reports, including executive summaries.
  • Must demonstrate the ability to maintain strict confidentiality of the firm’s internal and personnel affairs.

Experience

  • University Degree in a technology-related discipline or 4 years of relevant experience.
  • Graduate Degree in a cybersecurity discipline is preferred.
  • CISSP certification is required.
  • Any two of the following certifications are required: CISM, CSX-P, GIAC GREM, OSCP, GIAC GCIH.
  • 1-3 years of full-time experience leading and managing information security professionals.
  • 3-5 years of full-time experience in a cybersecurity role dedicated to incident response, digital forensics, threat hunting or event analysis.
  • 5-7 years of combined experience in intelligence, cybersecurity or information technology.
  • Strong knowledge of information security principles and practices.
  • Experience with incident response and analysis, preferably in a leadership role.
  • Strong working knowledge of DFIR tools and techniques.
  • Experience performing packet analysis.
  • Strong knowledge of security implications involving a variety of technologies, including but not limited to SaaS platforms and SaaS as infrastructure, Microsoft, Cisco, Unix/Linux, and other market leaders in technology solutions, including mobile devices.
  • Strong knowledge of SIEM and data analytic concepts, including extracting, manipulating and combining diverse data sets.

 

 

Gibson Dunn will consider for employment qualified Applicants with Criminal Histories in a manner consistent with the requirements of local law.

Compensation & Benefits:

The annual compensation range for this position is $305-395k. The salary offered within this range will depend upon qualifications and other operational considerations.

Benefits offered for this position include health care; retirement benefits; paid days off, including sick time, and vacation time; parental leave; basic life insurance; Flexible Spending Accounts; as well as discretionary, performance-based bonuses.

Gibson Dunn & Crutcher LLP is committed to the principles of equal employment opportunity for all partners, employees and applicants and, in accordance with the applicable federal and state laws, does not discriminate on the basis of sex, race, creed, color, religion, matriculation or political affiliation, national origin, alienage or citizenship status, ancestry, age, marital status or partnership status, family responsibilities, disability, medical condition, personal appearance, genetic information, predisposing genetic characteristics, sexual orientation, military status, status as a victim of domestic violence, stalking and sex offenses, arrest or conviction record, or on any other basis prohibited by law.