McGuireWoods LLP

  • Sr. Cyber Threat Hunter

    Category: Information Technology
    Job Location: US-VA-Richmond
  • Overview

    McGuireWoods has an opening for a Cyber Threat Hunter on our IT team in our Richmond, VA downtown office.  We are searching for a senior-level cyber security professional who will be responsible for overseeing the development of red teaming methods and activities across the firm, to include (but not limited to) the areas of business continuity, information security, personnel security, operations security, and facilities security.

    McGuireWoods LLP is a global law firm with a legacy reaching back more than 175 years.  We are strong in the traditional legal practices such as litigation and corporate law, but we are also leaders in rapidly expanding fields such as data privacy and security, the life sciences, private equity, and healthcare, among many others.  We offer the opportunity to grow through an extensive range of legal practice areas and industries, and to work in locations around the world.  Perhaps the most attractive aspect of joining our firm is the opportunity to work with our lawyers and leaders, all of whom reflect the value McGuireWoods places on experience, talent and diversity.  For more information, please visit www.mcguirewoods.com.

    Responsibilities

    • Build and maintain a comprehensive model of relevant, feasible threats to the firm
    • Conduct simulated attacks on firm resources, including but not limited to phishing, web application compromise, social engineering, and penetration testing (pen tester)
    • Conduct ongoing analysis of the firm network and information systems using existing security monitoring tools, analytics tools, and other log sources in order to discover threats, weaknesses, and vulnerabilities
    • Provide regular threat/risk briefings to senior management regarding issues raised by the red team. Present findings within a context of overall risk to the firm. Adjust red team activities and agenda based on senior management input
    • Analyze security violation reports for suspicious activities and patterns
    • Lead testing of installed systems to ensure protection strategies are properly implemented and functioning as intended
    • Work closely with infrastructure and security teams, both to receive input and to provide practical and actionable intelligence

    Qualifications

    • Prefer Bachelor’s Degree in Information Technology or Computer Information Systems
    • Must have a minimum of ten years of relevant experience
    • Demonstrated knowledge and experience with various network protocols, firewalls, penetration testing tools, remote access, network operating systems and vulnerabilities, PC operating systems and vulnerabilities and network management tools. Specific experience required: TCP/IP, log review/analysis, Windows operating systems, Tenable Security Center
    • Excellent analytical, problem-solving, customer service, project management and communication skills are required
    • Understanding of operating system internals and network protocols
    • Knowledge in application technology security testing (white box, black box and code review)
    • Understand system technology security testing (vulnerability scanning and penetration testing)
    • Microsoft and/or Cisco certifications helpful. CEH certification preferred. CISSP and CISA certifications strongly preferred
    • Prefer those candidates with community contributions like public CVEs, bug bounties, open source tools and/or blogs
