Description
About Mishcon de Reya:
Mishcon de Reya is an independent law firm, which now employs more than 1000 people with over 600 lawyers offering a wide range of legal services to companies and individuals. The firm has grown rapidly in the past decade, with more than 25% revenue growth in the past five years alone.
With presence in London, Singapore and Hong Kong (through its association with Karas LLP), the firm services an international community of clients and provides advice in situations where the constraints of geography often do not apply. The work undertaken is cross-border, multi-jurisdictional and complex, spanning six core practice areas: Corporate; Dispute Resolution; Employment; Innovation; Private; and Real Estate.
The Mishcon de Reya Group consists of consultancy businesses MDR Brand Management, MDR Cyber, MDR Discover, MDR Mayfair, MDR Lab and MDRxTech.In 2021 the Group announced a strategic combination with Taylor Vinters,a leading legal and consultancy business in the innovation economy.
Technology is pivotal to our vision
Mishcon de Reya has an ambitious and detailed 10 year vision, backed-up by a three year plan. Rather than being considered a necessary support function, Technology is an integral part of the strategy of the Firm and this is reflected both by the level of Tech investment and how Technology initiatives are discussed at the most senior level.
This level of innovation and the investment we place in technology has led to us winning numerous awards, including: FT “Innovation in the business of law” and LegalWeek “Best use of technology” in 2017.
The Role
MDR Cyber provides CREST accredited security incident response and digital forensics services both internally and to our external clients and we are looking to grow and develop our response team. In this role you will support our incident response engagements under direction from an incident lead, working with client IT and security teams to investigate, contain, and eradicate threats.
You must be comfortable operating under the pressure of incident response conditions, making decisions and calmly developing and executing plans and delivering concrete results to clients.
Our incident response and digital forensics team also operates a forensics lab and in this position you will play a key role in delivering forensic services to both internal and external customers. You will conduct acquisition and analysis of both devices believed to be compromised and to support conventional investigations, searching for relevant information under direction from an investigation team. You will also frequently be called upon to provide technical advice and guidance to other internal team to help them deliver the best possible legal advice to clients.
Responsibilities/Duties
Duties will include, but are not limited to:
- Support incident response engagements by conducting technical investigation activities under direction from the incident lead.
- Conduct forensic acquisition and analysis in both incident response scenarios and as discrete takings from an investigation team.
- Assist with incident management, including scoping work, guiding clients through decision making, and supporting containment and eradication.
- Develop intelligence assessments of incidents and other potential threats to clients.
- Support clients with longer term guidance and support with remediation and security uplift activities.
- Provide specialist and advice and guidance to internal teams on technical and forensic matters.
- Deliver investigations, tradecraft, and technical training to internal teams.
- Be part of the on-call responder group, acting as a first point of contact for incident triage.
Desired Skills and Experience:
- Experience working in incident response, digital forensics, and/or security operations.
- Skilled in examining Window, Linux, and MacOS hosts for evidence of compromise.
- Experience in extracting and reviewing logs from a wide range of sources to identify evidence of malicious activity.
- Experience with forensic acquisition and analysis of data from endpoints and mobile devices.
- Use of FTK, SIFT, ELK, FLARE, Autopsy, Volatility, WireShark, TCPDump, and open source forensic tools.
- Experience with dynamic and static malware analysis for Windows, Linux, and MacOS.
- Experience with one or more scripting languages (Python, PowerShell, Ruby, Perl, Bash, etc.).
- Strong understanding of the modern cyber threat landscape with a good grasp of intelligence tradecraft and analysis.
- Experience in dealing with external clients, especially in high-pressure or time-critical situations is desirable.
Please note that this job profile is not an exhaustive list of duties but merely an outline of the key components of the role. You may be required by your line manager to take on additional responsibilities when requested.
We strive to create a fully diverse and inclusive workplace where all our people are empowered to fulfil their potential. We are proud of our agile working culture and are always happy to talk flexible working.
Job Type: Full-time
