Cyber Defense Senior Associate

Grant Thornton 1/8/2019 6:01:02 PM
JOB ID: 042504 Specialty:
Chicago, Illinois

   

DOWNLOAD PDF

 


Grant Thornton is collaborative, entrepreneurial and on the move. As part of a dynamic global organization of 47,000 people serving clients in more than 140 countries, we have the agility and focus it takes to be a leader.

Cyber Defense Senior Associate - Design and Operate

Position Summary

Grant Thornton’s Advisory professionals are progressive thinkers who create, protect, and transform value today, so our clients have the opportunity to thrive and grow. Our advisory practice creates holistic solutions delivered by innovative, curious professionals who bring technical depth and industry insight to our clients. The Business Risk Services (BRS) practice protects value. The BRS Practice includes Risk Advisory Services, Forensic Advisory Services and Data Analytics.

The professionals in Grant Thornton's Cyber Risk Advisory practice help organizations build cybersecurity strategy into their overall business strategy. This includes supporting our clients to identify and understand their cyber risk exposure, design and implement cybersecurity programs and solutions to mitigate cyber threats and protect their assets, and respond to cyber-attacks and incidents. Grant Thornton’s Cyber Risk Advisory practice is in high-demand and rapidly growing, offering a rewarding and challenging working environment and great career growth potential.

As a member of Grant Thornton’s Cyber Defense Solutions team, you will have the opportunity to collaborate with our clients and deliver technical consulting services across a broad spectrum of design, assessment, operations, and response.

The Senior Associate is responsible for delivering a full range of services to clients and all phases of project and engagement management for clients. Responsibilities include cybersecurity engagement management, performance of cybersecurity assessments, design and implementation of operational security solutions, assessing and responding to potential incidents, and supporting other Grant Thornton Cyber Risk colleagues.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

Assist with the performance of compromise assessments and breach response efforts to identify indicators of compromise within an organization’s network and systems, provide guidance to contain risks, assist with response efforts, and provide guidance to reduce future risks.

Support the performance of technical cybersecurity assessments, integrations, and incident response.

Conduct cybersecurity control assessments in accordance with industry frameworks and leading practices.

Support the management of engagements including planning, execution, and reporting.

Develop and document engagement fieldwork, notes, communications, results and deliverables.

Develop and present tailored recommendations to mitigate cyber threats and risks to both a technical and executive audience.

Lead, train, and mentor other Cyber Risk team members on client engagements and develop cohesive and effective teams.

Proactively interact with key client management to foster a positive relationship, gather information, resolve problems and make recommendations for improvements.

Assist firm partners and senior management on business development opportunities and new client pursuits, including proposals and prospective client meetings.

Attend professional development and training sessions on a regular basis.

Remain current and apply knowledge of cybersecurity trends and risks.

Adhere to the highest degree of professional standards and strict client confidentiality.

Other job duties as assigned.

Qualifications

3+ years of related cybersecurity experience in a similar consulting practice or function, servicing cross-industry clients at a national level.

Experience with the secure configuration of various infrastructure platforms and devices such as Microsoft Windows, Unix / Linux, and common network devices (routers, switches, firewalls).

Documentation of technical testing and assessment results in a formal report format and presenting results to both a technical and executive audience.

Ability to communicate clearly in English both in writing and orally including the ability to take notes and communicate action items in a professional manner.

Excellent analytical, organizational and project management skills.

Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships.

Working knowledge of cybersecurity industry best practices and guidance, including NIST Cybersecurity Framework, OWASP, CIS Critical Security Controls, ISO 27001/2.

Understanding of TCP/IP protocol suite.

Expertise in security architectures (external, internal, cloud) with a strong understanding of demonstrating solutions delivery, principles, and emerging technologies. While having the ability to identify security design gaps in existing and proposed architectures and recommend changes or enhancements.

Deep understanding and proven experience designing, building, and implementing enterprise security systems in real production environments.
Ability to understand business and technology strategies and align them to frameworks, standards, and security objectives.
Staying abreast of current and emerging security threats and having the ability to design security architecture elements to mitigate threats as they emerge.
Experience with Java, Python, Perl, MySQL, MongoDB, Hadoop, Kibana, other scripting and programming languages
Experience in project management and the ability to clearly communicate security technology issues verbally on both a formal and informal basis to all levels of client staff.

Ability to work additional hours as needed and travel on a regular basis to clients as required. Travel for this position can go as high as 60%.

Experience with the secure configuration of various infrastructure platforms and devices such as Microsoft Windows, Unix / Linux, and common network devices (routers, switches, firewalls).

Documentation of technical testing and assessment results in a formal report format and presenting results to both a technical and executive audience.

Ability to communicate clearly in English both in writing and orally including the ability to take notes and communicate action items in a professional manner.

Excellent analytical, organizational and project management skills.

Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships.

Ability to lead other firm staff and assigned projects effectively.

Ability to manage multiple client engagements and competing priorities in a rapidly growing, fast paced, interactive, results based team environment.

Strong leadership, recruiting, training and mentoring skills, coupled with excellent verbal, written and presentation skills.

Ability to work additional hours as needed and travel on a regular basis to clients as required.

Experience in assessing and reporting on cyber security programs based on standards.

Desired Skills and Experience

Bachelor's and/or Master’s degree in Information Technology, Computer Science or Cybersecurity related field

Experience with enterprise system and network administration to include common change management and patching processes.

Experience as a network manager or system administrator

Hands on experience performing breach response in a large organization preferred

Threat assessment and threat intelligence platform knowledge and experience.

Assessing, designing and implementing end-point security solutions and platforms

Hands-on working experience with relevant enterprise technology (E.g. McAfee, Symantec, Carbon Black, etc.)

Experience with log management, SIEM, or big data solutions

Linux shell experience to include basic file functions, system administration, and common shell languages (i.e. Python, Perl, REGEX, etc.)

2+ years of IT operations or administration experience desired.

2+ years as a dedicated incident handler or incident manager

Experience with incident handling methodologies such as CERT/CC.

Experience with a large-scale incident response

One or more of the following technical certifications is desired:

CISSP, SCP CISM, CCIH, CISA, GCED, GCIA, GCIH, GESC

Benefits

Grant Thornton LLP promotes a nationally recognized culture of health and offers an extensive array of benefits to meet individual lifestyles. For a complete list of benefits, please visit www.gt.com.

Founded in Chicago in 1924, Grant Thornton LLP (Grant Thornton) is the U.S. member firm of Grant Thornton International Ltd., one of the world’s leading organizations of independent audit, tax and advisory firms. Grant Thornton has revenues in excess of $1.7 billion and operates 59 offices across the U.S., with more than 590 partners and 8,500+ employees in the United States and at our Shared Services Center in Bangalore, India.

Grant Thornton works with a broad range of publicly and privately held companies, government agencies, financial institutions, and civic and religious organizations. Core industries served include consumer and industrial products, healthcare, financial services, not-for-profit, private equity, and technology. Grant Thornton focuses on serving dynamic organizations that pursue growth holistically — whether through revenue improvement, leadership, mission fulfillment or innovation.

It is Grant Thornton’s policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits and termination, are made without regard to race, creed, color, religion, national origin, sex, age, marital status, sexual orientation, gender identity, citizenship status, veteran status, disability or any other characteristic protected by applicable federal, state or local law.






Requisition ID: 042504

Chicago, IL
Chicago, Illinois




APPLY TO THIS JOB