Senior Consultant – Cybersecurity – Cyber Threat Resilience
USA Teaching
Job description
In a rapidly changing cybersecurity threat landscape, clients from all industries look to us for trusted solutions for increasingly complex threats and risks. As a member of our Cyber Threat Resilience team, you’ll be right at the heart of that goal, helping clients gain insight and context to their cyber threats - assessing, improving, and building security operations to mitigate these threats. You’ll get to use your technical and business skills in order to help us drive this mission and have an impact on cybersecurity at a global level.
The opportunity
You’ll work alongside respected industry professionals, learning about and using the latest tools and techniques to identify and overcome some of the most relevant and pressing security issues in the world. It’s a highly specialized area, where you’ll learn highly sought-after technical skills, all while developing your relationship management abilities – often by working directly on-site with our clients.
Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team stays highly relevant by servicing our client’s unique and challenging needs, attending and speaking at top security conferences around the world, sharing knowledge on a variety of topics with key industry groups, and taking best-in-industry training. The team frequently provides thought leadership and information exchanges through traditional and less conventional communications channels such as speaking at conferences, publishing white papers and blogging.
As part of our Cybersecurity Consulting practice, you’ll assist clients in identifying potential threats, vulnerabilities, and deficiencies in their environments and aid them by bolstering their cybersecurity maturity and resilience.
Your key responsibilities
· Execute security assessments to identify potential threats, vulnerabilities, and deficiencies in client environments.
· Conduct research, develop, and implement solutions to protect our clients against new attack techniques and threats.
· Solve challenging technical problems and devise creative solutions.
· Perform in-depth analysis of testing results, create reports that articulate findings, and develop risk mitigation recommendations.
· Manage engagement execution and ensure project timelines remain on track.
· Manage multiple competing priorities, thrive in a matrixed organization and work independently as well as part of diverse teams as the situation requires.
· Coach and provide technical leadership/advice to junior team members and encourage them to take ownership of their engagements and development.
To qualify for the role, you must have
· Bachelor’s Degree in Computer Science, Computer Engineering, Cybersecurity, Management Information Systems or related field
· A minimum of 3-5 years of work experience in cybersecurity
· Familiarity and understanding with one or more of the below:
· Proficiency with one or more Endpoint Detection and Response Tools (Tanium, CrowdStrike, Carbon Black, Wazuh, OSQuery, etc.).
· Strong preference to candidates with Tanium and/or CrowdStrike experience beyond their core EDR functionalities.
· Experience with threat actor simulation tools, such as AttackIQ, XMCyber, or MSV/Verodin.
· Experience with the implementation and or operation of industry leading SIEM/SOAR tools such as Splunk, QRadar, LogRythm, Cortex XSOAR, Phantom, Siemplify, etc.
· Experience with at least one of the following:
· Performing incident response efforts against advanced threat actors or having been a part of a formal incident response team.
· The collection, processing, and analysis of host, log, and network-based evidence in an effort to triage systems for malicious activity or develop an incident narrative for a compromised host.
· Compromise, vulnerability assessment and/or penetration testing of commercial, consumer, and industrial environments.
· Experience and the capability to analyse, disassemble, and reverse engineer malware.
· Having participated in internal or external red teaming, blue teaming, or purple teaming exercises.
· Performing incident post-mortem efforts and developing solutions to protect People, Process, and Technology addressing security risks and ensuring timely escalation of future incidents.
· Contribution to a cyber intelligence capability to identify potential threats, delivering strategic reports, and strategies to minimize the impact of the threat.
· Development of security requirements by evaluating business strategies and requirements, researching information security standards, conducting system security and vulnerability analyses and risk assessments, studying architecture/platform, identifying integration issues, and preparing estimates.
· Experience with one or more scripting language, e.g., PowerShell, Python, PHP, Ruby, etc.
· Experience effectively and efficiently managing projects from start to finish.
· Deep understanding of Windows, Linux, Unix, MacOS and other major operating systems.
· Knowledge and familiarity of common security technologies such as EDR, SIEM, Vulnerability Management, IDS/IPS, UBA, DLP, and other solutions.
· Strong written and verbal communication skills with the ability to interact with senior management, technical teams, and key client stake holders to convey complex technical security concepts to both technical and non-technical audiences.
· Willingness and ability to travel domestically and internationally to meet client needs; estimated 50% travel required annually, after travel restrictions have been lifted and the safety of team and the client are not at risk.
Ideally, you’ll also have
· Experience evaluating the technical and non-technical aspects of mature cybersecurity programs from security operations, legal and regulatory requirements, business enablement, governance, risk management, and identity and access management.
· Experience and familiarity with cloud-based environments and hosting.
· Experience with automation of repeatable tasks.
· Experience developing and implementing a remediation strategy based on identified gaps in a client environment.
· Deep understanding of SOC operations, design, technology, and management proficiency with domain administration, network architecture and design, and navigating change control procedures.
· Understanding of hardware, firmware, network and application security.
· Understanding of common attack vectors against devices, applications, and operating systems.
· Experience with design and operation of modern network technologies and security, including IP, Ethernet, fiber/optical, and mobile (5G/FWA) networking
· Understanding of networked product security including firmware, hardware, and management control plan threat-modeling and testing
· Networking Certifications like JNCIS-SP/SEC. CCNP-SP/SEC/CCP, or similar
· Knowledge and familiarity of common security technologies such as EDR, SIEM, Vulnerability Management, IDS/IPS, UBA, DLP, Firewalls, WAPs,
· Proficiency with consulting engagement methodologies and approach, understanding how to apply a technical skill or ability to a client need.
· Familiarity with the latest events, threat actors, vulnerabilities, security trends, and mitigations in cybersecurity.
· Familiarity with cybersecurity frameworks and published documentation MITRE ATT&CK, CIS Top 20, OWASP Top 10, NIST 800-53, ISO 27001, etc.
· An industry leading certification: CISSP, CISM, GMON, GFCE, GPEN, GREM, GNFA, etc.
What we look for
We’re interested in intellectually curious people with a genuine passion for cybersecurity. With your expertise, we’ll turn to you to speak up with innovative ideas that could make a lasting difference not only to us – but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.
What working at EY offers
We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
Plus, we offer:
· Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
· Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
· Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
· Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
About EY
As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2021 a reality.
Join us in building a better working world. Apply today.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law.