Information Security Threat Analyst

Gibson DunnNew York, NY
$120,000 - $150,000Hybrid

About The Position

Gibson Dunn is a leading global law firm, advising clients on significant transactions and disputes. Our exceptional teams craft and deploy creative legal strategies that are meticulously tailored to every matter, however complex or high-stakes. The firm’s work is distinguished by a unique combination of precision and vision. Based in New York, the Information Security Threat Analyst is responsible for detecting, investigating, and responding to information security events and incidents across the firm. The ideal candidate will have a strong background in law firm technology and a very good grasp of global law firm culture and its associated high sensitivity environment. Given the nature of the role, having the ability to build a level of trust with a wide array of stakeholders is of key importance. This role reports to the Incident Response Lead.

Requirements

  • University degree in a technology related discipline preferred.
  • 3 years of experience working within the technology function, preferably within a global law firm, including significant time in dedicated information security roles with a focus on incident response and detection.
  • Demonstrable experience with the core technologies used within a global law firm.
  • Proven discretion in handling highly confidential and privileged information, with sound judgment in a high-sensitivity environment.

Nice To Haves

  • Working knowledge of recognized security frameworks such as ISO27001 is helpful

Responsibilities

  • Analyze and respond to security events and alerts generated by the firm’s security technologies, end users, and Managed Security Service Providers (MSSPs).
  • Play a significant role in containing and remediating information security incidents, escalating in line with defined workflows and any relevant SLAs.
  • Review alerts, context, and logs using the firm’s security information and event management (SIEM) platform and related tooling, and thoroughly document the results of investigations.
  • Manage the firm’s threat intelligence feeds, with a particular focus on improving the quality, relevance, and actionability of the sources consumed.
  • Define and own the firm’s forward-looking threat intelligence strategy, particularly as AI reshapes the threat landscape.
  • Establish a proactive threat hunting capability to identify threats and anomalous activity within the firm’s environment before they escalate.
  • Build out and mature the firm’s digital forensics capability, including the selection and operation of appropriate forensics tooling.
  • Conduct forensic analysis in support of investigations involving firm devices and data, coordinating with the wider InfoSec team, the Office of the General Counsel (OGC), and Human Resources (HR) as required.
  • Ensure evidence is collected and preserved in a forensically sound manner, maintaining documented chain of custody appropriate to a legal environment and to potential litigation or regulatory review.
  • Serve as the internal owner for red and purple team engagements, defining the firm’s requirements, scope, and objectives for these specialized exercises.
  • Manage the relationship with the third-party providers who deliver these engagements and ensure findings are tracked through to remediation.
  • Provide ongoing oversight and coordination of the firm’s existing security vendors, ensuring they deliver against expectations and contractual commitments.
  • Act as a key internal point of contact to keep vendor activity aligned with the firm’s security priorities.
  • Support security due diligence and assessment of third-party vendors that handle firm or client data, in coordination with the firm’s procurement and risk functions.

Benefits

  • health care
  • retirement benefits
  • paid days off, including sick time, and vacation time
  • parental leave
  • basic life insurance
  • Flexible Spending Accounts
  • discretionary, performance-based bonuses
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service