Solutions for Today’s Challenges. Vision for Tomorrow’s Opportunities.
Join William Blair, the Premier Global Boutique.
William Blair has delivered trusted advice for nine decades, and we continue to deepen our expertise and relationships across regions, asset classes, and markets throughout North America, Europe, Asia, and Australia.
We are committed to our people and culture, values, clients, and local communities.
What sets us apart is that we are an independent partnership, with employees who have unique experiences, perspectives, and backgrounds. We provide advisory services, strategies, and solutions to meet clients’ evolving needs amid dynamic market conditions and varying industries.
We strive to attract the most qualified, passionate candidates who specialize in investment banking, investment management, private wealth management, and a variety of other business functions.
We work tirelessly to create an inclusive culture and take pride in fostering employees’ professional and personal growth. We empower our people to bring their best thinking each day so we can deliver the tailored, thoughtful work and problem-solving abilities that our clients expect.
Equally, we are proud of our long-term partnerships with the communities in which we live and work, a legacy we inherited from our founder.
We invite you to learn about how we are seeking excellence in everything we do and empowering our clients’ success with passion, creativity, and rigor.
Job Description
The Security Operations Analyst will provide subject matter expertise for a variety of technology initiatives and operational support with an emphasis on security technology. Partner with business units as necessary to provide security assurance against cyber-attacks, including unauthorized access, data loss, and other cyber activities that could negatively impact the reputation of William Blair and our customers. Proactively identify security vulnerabilities and mitigation opportunities within the firm. Deliver an Ideal Customer Experience by always executing with integrity, quality, and excellence. Demonstrate an aptitude for maintaining strong security market awareness as well as for recommending, implementing, and managing security technologies.
Responsibilities:
- Support daily security operations efforts, including assisting with incident response activities to identify, assess, contain, and mitigate all observed threats.
- Investigate alerts generated by security controls and implement/provide recommendations to improve detection capability accuracy.
- Develop and operationalize incident response runbooks with an emphasis on automation and ability to measure incident response effectiveness.
- Work with functional business areas as needed during incident response investigations.
- Document and track incident response investigations, including observed IOCs, systems impacted, criticality and scope of any data exposure, and follow-up items.
- Assist with threat hunting and analysis based on operational threat intelligence.
- Draft reports based on threat intelligence, incident response, and risk analysis for consumption by a non-technical audience.
- Provide subject matter expertise and support to the security monitoring solutions.
- Collaborate with network and technology support teams to enhance and improve security processes and documentation.
- Work in partnership with 3rd party security vendors to coordinate day-to-day security operations.
- Stay up to date with the latest security trends and technologies to continuously improve security measures.
- Ensure adherence to policies and procedures.
- Perform other duties as assigned.
Qualifications:
- Bachelor's degree or equivalent work experience in a technology role.
- Security certifications preferred such as SANS, OSCP, ISC2, ISACA.
- A minimum of 5+ years of experience in IT security operations and vulnerability management programs, with specific hands-on expertise in monitoring tools such as Qualys, SIEM, XDR, Cribl, and IDS/IPS.
- Proficient troubleshooting skills under pressure, experience with automation, and knowledge of scripting and query languages such as PowerShell, Python, and KQL.
- Demonstrates good judgment in working with security technology and processes to ensure appropriate risk – cost/benefit tradeoffs.
- Technical understanding of CVSS/EPSS, OWASP Top 10, MITRE ATT&CK framework, and Vulnerability Exploitability ratings.
- Knowledge of security frameworks, standards, and regulations (NIST, ISO 27000, GDPR, SOX, etc.).
- Demonstrates initiative and persistence – is self-motivated.
- Excellent written and verbal communication skills.