Senior Associate, Cybersecurity (Contingent)
Kroll, a division of Duff & Phelps and part of the Governance, Risk, Investigations and Disputes business unit, is the leading global provider of risk solutions. For more than 45 years, Kroll has helped clients make confident risk management decisions about people, assets, operations and security through a wide range of investigations, cyber security, due diligence and compliance, physical and operational security, and data and information management services.
Kroll's Cyber Risk team works on hundreds of cases a year, including some of the most complex and highest profile matters in the world. With experts based around the world, supported by ground-breaking technology, we can help protect our client's data, people, operations and reputation with innovative cyber risk assessments, investigations and reporting. We help enable organization to be more cyber resilient by preparing for and detecting incidents through risk assessments, penetration testing and threat detection/intelligence services. Our clients also count on us for quick and expert support in the event of a cyber breach or attack; we help clients - of all sizes -respond to incidents and restore stability through digital forensics, breach notification, and identity monitoring and restoration services for individuals affected by a data breach. RESPONSIBILITIES:
The Cyber Security Senior Managing Consultant will perform complex technical assessments and auditing of our client's information security programs to assess the maturity of an organization's information security program and make recommendations for improvement.
- Interview business stakeholders and evaluating business processes
- Perform in-depth technical reviews including; the evaluation of Windows and Linux systems, database configurations, application auditing, network device (e.g. routers, switches, firewalls) configurations, and security solutions (e.g. IDS/IPS, SIEM, DLP) for onsite and remote security assessments
- Take ownership of projects and deliverables
- Handle a broad range of business intelligence and investigatory projects and cases
- Conduct research and analysis through the use of in-house as well as external resources
- Produce accurate, high quality client reports
- Contribute to the development of new opportunities
- Bachelor's degree required
- Excellent written and verbal communication skills
- Industry Certifications including GIAC, CISSP, CISA, CCNP, CCIE, MCSE
- Minimum 2 to 4 years hands-on Administration experience with Windows operating systems
- Minimum 2 to 4 years hands-on Administration experience with Linux or UNIX operating systems
- Minimum 3 to 5 years hands-on experience managing and maintaining networks
- Minimum 3 to 5 years hands-on experience administering Firewalls
- Must be familiar with Active Directory, GPO, WSUS, SCCM, NTFS, etc.
- Must be familiar with network concepts such as VLANs, ACLs, Routing, SNMP, etc.
- Must be familiar with WiFi technologies and WiFi security best practices
- Experience with scripting languages is a plus
- Experience with Virtual environments such as VMWare or HyperV is a plus
- Experience with Security Information and Event Management (SIEM) solutions is a plus
- Experience with Data Loss Prevention (DLP) solutions is a plus
- Software development and Penetration Testing experience is a plus
- Ability to meet all requirements required for Private Investigator licensure
- Travel up to 25% based on client needs
- Possess one or more cyber security or forensics related industry certifications, including, but not limited to, the following: CISSP, GCIH, GCFE, GCIA, ENCE, ACE
- Ability to travel up to 25% as required to support response activities.
In order to be considered for a position at Duff & Phelps, you must formally apply via careers.duffandphelps.jobs
Duff & Phelps is committed to equal opportunity and diversity, and recruits people based on merit.