Dentons is designed to be different. We are driven to always be the firm of the future, to challenge the status quo, and to provide holistic business solutions to our clients in new and innovative ways. We are the lightbulb moments. The bold ideas. We are the world's largest global law firm, with 12,000+ people across 80+ countries. Driven by the diverse perspectives of our people, our clients, and our communities, we combine local knowledge with global insight.
Global Cyber Security Analyst
The Global Cyber Security Analyst will analyze and correlate global and regional cybersecurity data. This includes helping to monitor, triage, and prioritize the response to alerts for both cloud and traditional infrastructures.
This position is designated for weekend coverage. The role’s standard 5-day work week will include Saturday and Sunday.
Responsibilities:
- Perform technical analysis on a wide range of cybersecurity issues.
- Monitor, triage, prioritize, and coordinate events with global and regional teams, and respond to alerts for further investigation.
- Integrate lessons learned to improve defensive capabilities and incident response processes; ensure proper configurations and security controls of systems and agents; and document key findings in reports and incident management systems.
- Conduct enterprise security log collection, management, and analysis. Investigate SIEM events, alerts and tips to determine if an incident has occurred.
- Recognize attacker and APT activity; tactics, techniques, and procedures (TTPs); and indicators of compromise (IOCs) that can be used to improve monitoring, analysis, and incident response. Integrate threat intelligence reporting and indicators of compromise to improve defenses and proactively mitigate new threats.
- Coordinate the response for confirmed security incidents, to include efforts to scope, contain, eradicate, and remediate. Function as the first line of cyber defense as part of the Global Security Team.
- Maintain situational awareness and keep current with cyber security news and latest threat actor TTPs, in part to support the production of effective situational awareness products with relevant metrics and visualizations for key stakeholders and leadership.
- Review multiple log types, including Windows, Active Directory, Email, Firewall, VPN, etc., to conduct malware analysis, host and network forensics, log analysis, and triage in support of incident response activities.
- Assist in developing and maturing the future services and capabilities of the Global Security Team, such as Forensics, Threat Management, Penetration Assessments, Tool Management, Vulnerability Management, etc.
Qualifications and Qualities:
- Ability, attitude, and aptitude are valued over experience and skills, as training will be provided.
- Quick learner, team-oriented, self-motivated, passionate about problem-solving.
- Excellent communication, interpersonal, intercultural, and presentation skills.
- Flexibility to work nights and weekends, including holiday shifts, in case of serious incidents.
- Occasional travel may be required.
Technical Experience:
- Bachelor’s degree in relevant fields or equivalent experience.
- 1-2 years in incident analysis, security architecture, malware research, or similar roles.
- Knowledge of security tools like SIEM, IDS/IPS, web proxies, DLP, DNS security, firewalls.
- Understanding of MITRE ATT&CK, Cyber Kill Chain, and threat analysis models.
- Experience with log analysis, network packets, and security tools.
- Familiarity with reverse engineering, malware, rootkits, and network protocols.
- Scripting and programming skills (Python, Perl, etc.).
- Certifications such as GCIH, GCIA, C|EH, C|SA, CySA+, Security+ are advantageous.
Remuneration and benefits will be commensurate with experience and location.