
Consultant

KPMG India

Office

Bangalore, Karnataka, India

Full Time

Job Title: Senior Associate, Cyber Operations

Job Code: 7473

Department: Digital Security Group

Subtitle: Vulnerability and Configuration Monitoring 

 

Key Responsibilities:

  • Apply a fundamental understanding of cyber security operations and monitoring to perform the day-to-day operational responsibility of security monitoring and incident response activities, associated with operations that provide up to 24x7 coverage. Implement efficiencies and improvements.
  • Response activities may include incident response, incident management, driving remediation or threat mitigation, threat hunting, forensic analysis, etc. Other security operations activities may include identification of weaknesses (e.g. vulnerabilities / insecure configurations), reviewing/assessing security configuration change requests, driving the coverage of the security monitoring services, etc.
  • Stay abreast of the latest information security controls, practices, techniques and capabilities in the marketplace. Participate in internal skills development activities for information security personnel on the topic of security monitoring and incident response, by providing knowledge sharing sessions.  
  • Develop and keep effective working relationships with multiple internal technology groups. Collaborate across multiple internal federated technology groups. Become a go-to subject matter professional to others within the firm to achieve the required goals and objectives. 
  • Leverage intelligence, monitor for threats and vulnerabilities and respond accordingly, including the development of risk mitigating approaches. As a continuous feedback loop, incorporate learnings into additional preventive and detective controls. 
  • Define or implement security configuration for monitoring tools, including alerts, correlation rules, and reporting. Leverage a combination of vendor products and services, open source and custom developed utilities. 
  • Implement or leverage automation and orchestration to improve efficiency and effectiveness of security monitoring and response processes.
  • Document processes and procedures in the form of playbooks and reference guides.
  • Integrate processes and technologies, with the objective of a "single pane of glass" for monitoring and a comprehensive security response process.
  • Provide input into business cases and presentations to leadership of proposed security products and studies. Produce operating metrics and key performance indicators. 
  • Serve as an active project team member or self-manage small projects, which may include facilitating team meetings; publishing meeting notes and action items; updating project documents and systems; and ensuring timely completion of assigned action items.

 

Qualifications:

  • Bachelor’s degree or equivalent work experience with 3-5 years of experience in cyber security operations, such as data loss prevention, data discovery and classification, threat detection engineering, threat analysis, threat hunting, incident response, and vulnerability and configuration monitoring, with the goal of attack surface reduction.
  • Experience in security monitoring, security operations, and incident response activities; preferably within a professional services firm or similar environment. 
  • Experience creating playbooks and procedures.   
  • Experience tuning security monitoring rules, monitoring events, assessing risk, responding to incidents. 
  • Hands-on network or system administration skills or experience with SIEM and security infrastructure.
  • Experience with scripting or automation.  
  • Excellent verbal/written communication, collaboration, analytical and presentation skills to lead an environment driven by customer service and teamwork. Experience leading meetings and operating effectively in a matrixed environment. 
  • Relevant certifications include CISSP, CCSP, CCSK, GSEC, GCIH, GCFE, GCFA, SC-200, CEH, and AZ-900
   


August 6, 2025
