IT Security Operations Analyst

The IT Security Operations Analyst works within the Information Security team, who are responsible for safeguarding the organisation against cyber threats and unauthorised access. The Information Security team's objective is to safeguard the integrity, confidentiality, and availability of sensitive information and business systems. This role focused on delivering support to the Information Security team by consolidating threat intelligence, the management and assessment of the effectiveness of security controls and incident response. The role involves collaboration with the Technology department, working together to ensure the protection of the firm's digital assets, and maintaining compliance with security standards and regulations.,

• Detection and Response: Work closely with the MSSP as an escalation for SIEM alert invenstigations and to ensure coverage and effectiveness of detections of the SIEM to reduce flase positives.
• Threat intelligence: Monitor sources for information that could identify threats to the business faces and elevated risk and make recommendations to mitigate this.
• Vulnerability Management: Perform vulnerability assessments, liasing with the Technology teams to assist in prioritising and monitoring remediation work.
• Technical Skills: Ensure up to date knowledge of cyber threats, including cyber-attack methods and countermeasures.
• Incident Response: Investigate security incidents, carrying out analysis, suitable timely mitigations and/or containment. Provide both technical and leadership reports.
• Policy Development: Develop and implement security policies and baselines and contribute to the creating of company standards and best practices for information security.
• Compliance and Certification: Assist with all security certifications to ensure compliance with applicable standards and regulations.
Key Deliverables - Operational Excellence
• Detect, Protect and Respond: Protect and secure the enterprise's sensitive data and systems.
• Operational Excellence: Ensure the delivery of operational excellence related to all technology and security systems, processes, and procedures.
• Policy Maintenance: Develop and maintain systems, controls, and procedures to a standard equivalent to ISO27001 and CE+.
• Clent Data Requests: Complete client data requests and reporting related to IT, information, and cyber security.
• Security Certifications: Assist with all security certifications to ensure compliance with applicable standards and regulations.
Most of our roles are hybrid, meaning that colleagues benefit from working in our office and remotely. We are happy to discuss this and other flexible working arrangements with you as part of the application and interview process.


• Service-Focused Attitude: A professional, credible manner with a service-focused attitude.
• Communication Skills: Confident and clear communication (verbal and written) with people at all levels of the business hierarchy.
• Time Management: Ability to respond quickly to requests, manage time effectively, and work under pressure.
• Proactive Nature: Hardworking, organised, able to structure own work, and work independently when required.
• Teamwork: Work closely with the InfoSec and Technology team to foster collaborative working relationships.
• Analytical Skills: Being able to interpret data and identify anomalies.
• Attention to detail: Be able to focus on important details to produce thorough, accurate and consistent work., Educational Background: A bachelor's degree in computer science, information technology, or equivalent work experience.
• Professional Experience: Solid experience in a legal or other professional services firm is preferred - ideally a partnership structure. Experience in operating withing the framework of and adhering to requirements of ISO27001 and Cyber Essentials Plus or similar standards is essential. Two years' experience working as a Security Engineer or Security Operations Team.
• Technical Knowledge: Knowledge of Azure, encryption key management, and cloud-based services such as M365 is essential. Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts is also important.
• Ceritications: Industry-standard certifications such as CISA, CISSP, or CEH can boost employement prospects.
• Documentation Skills: Experience in preparing documentation and guidance for others is essential.
  
  With 8 offices worldwide and with our headquarters based in London, Stephenson Harwood is a law firm where our people are committed to achieving the goals of our clients - listed and private companies, institutions and individuals across the globe. Our mix of expertise and culture results in a combination of deep local insight and the capability to provide a seamless international service.
Our experience encompasses corporate, commercial litigation and arbitration, employment, pensions and private wealth, finance, marine and international trade, and real estate and projects. We assemble teams of bright thinkers to match our clients' needs and give the right advice from the right person at the right time. Dedicating the highest calibre of legal talent to overcome the most complex issues, we deliver pragmatic, expert advice that is set squarely in the real world. We understand the power of diversity in delivering that high calibre advice to our clients. We want to attract diverse talent and we particularly encourage applications from underrepresented demographics. Our values Individuality We encourage creativity and develop talent. Commitment To be the best and deliver the highest standard. Teamwork We work together to build close, long-term relationships. Straight talking We say what we mean and do what we say. These values express the personality of the individuals within our firm. They are the behaviours we encourage in our people and the standards which inform our decisions and actions. Our vision into 2026 To be a successful firm where talented people work together in an entrepreneurial environment, building long term client relationships. This vision is about who we want to be, as well as who we are. It is as much about our values as about our character - the attributes we want to see from all of our people. That's how we unlock our entrepreneurial spirit, advising our clients with top performing teams. A key part of the 2026 strategy is to focus on five core sectors: decarbonisation, life sciences, private capital & funds, technology, and transportation & trade. These have been identified as crucial in the drive for accelerated profitable growth. We are an equal opportunity organisation, committed to having a diverse workforce. We do not discriminate on the basis of age, sex, race, disability, sexual orientation, culture, or any other protected characteristics. We aim to create a culture where everyone can be themselves and is valued for their strengths and unique perspectives.

We will offer you a place where you can be yourself and where there are no limits on what you can achieve. With us, you can take ownership of your career and have honest conversations throughout. You would join an ambitious firm with a clear strategy for profitable growth where you can get early responsibility and early involvement in growing the business. Here you can expect a competitive and fair reward as well as recognition based on all round performance. This forms part of our internal promise to you, The Deal, between the firm and its employees. You can expect:
• A Competitive salary and a host of family friendly policies.
• Life assurance, private health and dental care for you and your family.
• A range of flexible benefits including gym discount and retail vouchers.
• Tech, cycle and electric car schemes.
• The opportunity to support the firm's charity through volunteering leave.
• A wellbeing strategy that focuses on preventative measures to maintain overall health, and tools and support for when we experience physical or mental difficulties. The strategy focuses on four pillars: physical, emotional, financial and social aspects.