Technical Vulnerability Lead

About Kirkland & Ellis

At Kirkland & Ellis, we are united in our ambition and drive to move forward. We share core values that help us achieve excellence: collaboration, talent empowerment, service, inclusion, respect and gratitude. Our people are our greatest asset, and we invest in the brightest talent and encourage a diversity of perspectives and strengths to create dynamic teams that operate at the pinnacle of their field. Our talented professionals show up every day knowing they will engage in meaningful work, continuous learning and professional development.

As one of the world's leading law firms, we serve a broad range of clients with market-leading practices in private equity, M&A and other complex corporate transactions; investment fund formation and alternative asset management; restructurings; high-stakes commercial and intellectual property litigation; and government, regulatory and internal investigations. We handle the most complicated and sophisticated legal matters because we don't just meet industry standards, we create them. We bring innovation and entrepreneurialism to every engagement and, as a result, have long-standing client relationships with leading global corporations and financial sponsors. With 6,500 employees (including 3,500 lawyers) operating from 20 offices across the United States, Europe, the Middle East and Asia, we are one of the largest law firms in the world and a top financial performer.

Essential Job Functions

The Technical Vulnerability Lead position is to identify, manage, coordinate and report security and compliance vulnerabilities for the Firm. This role will utilize expertise within information security to discover, analyze and characterize risks to our network, applications, databases, and other components of our information systems. The role work as part of cross collaboration team to manage and track vulnerabilities and compliance remediations, working with other technical teams to ensure vulnerabilities and remediations are updated and completed in a required SLA. The person in this role should have experience working with vulnerability and compliance management and creating a program to track and report overall status that will be reported to Leadership on a routine basis. The individual should have a passion about security and stays current on technology and best practices. Since this role will work with multiple teams and management levels, the individual needs to be a concise and clear communicator and requires a minimum of 6 years' experience in security and/or technology, with at least 3 years in a leadership role.

ESSENTIAL FUNCTIONS (This list is not exhaustive and may be supplemented and changed as necessary.)

• Develop and maintain documentation regarding vulnerability SLA's, process, and overall best practices.
• Coordinate and schedule routine meeting with technology teams to review, assess and ensure completion of applied vulnerabilities and compliance remediations.
• Collaborate with Security Governance to research and assess emerging security threats and emergency vulnerability deployment.
• Develop strategies to identify, manage, and mitigate identified threats and vulnerabilities to attain desired risk profile and communicate strategies to key stakeholders.
• Communicate to all levels of IT the importance of vulnerability management and be the driver behind team to ensure we reach completion of critical/high identified vulnerabilities.
• Create and distribute reports to teams and leadership on vulnerability status and metrics.
• Build and maintain strong relationships with vendors and vendor developers, guiding them through the Firm's technology, security, and risk best practices to enhance and develop their products.
• Serve as the technical SME (Subject Matter Expert) for Vulnerability Management and related tools/applications.
• Providing support and guidance to other teams and stakeholders.
• Collaborate with professionals at all levels of the organization.
• Utilize SQL query tools to perform frequent data analysis across various systems, providing clear and accurate data to business users.
• Adhere to the Firm's IT Service Delivery standards and Change Control processes.
• Provide 24x7 operational support. On-call support responsibilities are rotated among the members of the Security Appliations team.

Qualifications & Requirements

Education, Work Experience, Skills

• The Vulnerability Lead must have a BA/BS in computer science, related field, or equivalent experience with Six (6) + years' experience of vulnerability management and security products in a large, global professional services firm.
• The ideal candidate must have good judgment, problem-solving, oral, written and interpersonal communication skills, as well as the ability to work in a fast-paced environment and build positive working relationships. In addition, candidates must be self-motivated, organized, and able to multi-task and effectively prioritize competing demands.
• Experience with SQL, including stored procedures, functions and triggers is required.
• Proactive in escalating issues and pulling in support from other technical experts as required.
• Ability to train and guide junior software developers/analysts.
• Embrace a nimble mindset and adapt quickly to changing requirements and goals in a fast-paced, dynamic environment.
• Staying updated with the latest trend and developments in Security.
• Must be a self-starter and able to work independently with little direction/supervision.
• Strong problem-solving, analytical, and communication skills

Technologies/Software.

Core Technologies

• Cisco Kenna security
• RSA Archer
• Tanium
• ServiceNow
• Microsoft Azure
• Microsoft SQL Server
• Windows Server and Desktop operating system environments

WORK ENVIRONMENT

This job currently operates in a hybrid model, with a combination of in office and remote.

How to Apply

Thank you for your interest in Kirkland & Ellis LLP. To complete an application and submit your resume, please click "Apply Now."

Equal Employment Opportunity

All employment decisions, including the recruiting, hiring, placement, training availability, promotion, compensation, evaluation, disciplinary actions, and termination of employment (if necessary) are made without regard to the employee's race, color, creed, religion, sex, pregnancy or childbirth, personal appearance, family responsibilities, sexual orientation or preference, gender identity, political affiliation, source of income, place of residence, national or ethnic origin, ancestry, age, marital status, military veteran status, unfavorable discharge from military service, physical or mental disability, or on any other basis prohibited by applicable law.

Closing Statement

The www.kirkland.com job postings and recruiting mailbox are for candidates only. If you are a recruiter, search firm or employment agency, and do not have a signed contract with Kirkland & Ellis LLP ("K&E") and have not been asked specifically to submit candidates, you will not be compensated in any way for your referral of a candidate even if K&E hires the candidate. Direct contact with K&E employees in an attempt to present candidates is inappropriate and will be a factor in determining any future professional relationship with the Firm. #LI-Hybrid #LI-AR