Cyber Defense, Senior Associate

Essential Duties and Responsibilities

  • Perform technical security testing, including cyber-attack simulations and threat and vulnerability assessments.
  • Support cybersecurity assessments consisting of security architecture reviews, system configuration reviews and cloud security evaluations.
  • Support cybersecurity incident response readiness activities, including tabletop exercises and evaluations of incident response capabilities.
  • Document results from technical testing performed and develop tailored recommendations to mitigate associated cyber threats and risks.
  • Execute assigned client engagements from start to finish, which includes engagement planning, fieldwork execution and reporting.
  • Remain current and apply knowledge of cybersecurity trends and risks.
  • Communicate (verbally and in writing) externally with clients and internally with all levels of the organization to successfully accomplish objectives portraying knowledge and confidence.
  • Proactively interact with key client management to gather information, resolve problems and make recommendations for improvements.
  • Develop client relationships with the intention to exceed client expectations.
  • Adhere to the highest degree of professional standards and strict client confidentiality.
  • Participate in professional development activities and training sessions on regular basis.
  • Other duties as assigned.

Required Skills and Experience

  • 3+ years of related cybersecurity experience in a similar consulting practice or function.
  • Experience in one or more of the overarching areas below:
    • Conducting technical security testing, including one or more of the following: cyber-attack simulations, vulnerability assessments, web application testing, and/or penetration testing.
  • Reviewing security architecture deployments and assessing and/or implementing secure configurations for common network devices (routers, switches, firewalls), server operating systems (Windows and Linux) and database management systems.
    • Assessing and/or implementing security solutions and controls within cloud service provider platforms (e.g., AWS, Azure, GCP, O365).
  • Ability to document technical testing and assessment results in a formal report format and present results and recommendations to both a technical and non-technical audience.
  • Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships.
  • Ability to execute multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment.
  • Strong professional verbal and written skills.
  • Excellent analytical, organizational and project management skills.

 

Desired Skills and Experience

  • Bachelor’s and/or Master’s degree in Information Technology, Cybersecurity, Computer Science or a related field.
  • One or more relevant technical certifications such as: CISSP, GIAC (GSEC, GCIH, GSIP, etc.), MS-500, AZ-500, AWS Certified Security, Google Cloud Professional Architect / Security Engineer
  • Working knowledge of cybersecurity industry leading practices and frameworks, such as NIST CSF, CIS Controls, CIS Benchmarks, OWASP, MITRE.
  • Familiarity with common threat and vulnerability management and endpoint security solutions.