Your key responsibilities

• Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified
• Forensically analyze end user systems and servers found to have possible indicators of compromise
• Analysis of artifacts collected during a security incident/forensic analysis
• Identify security incidents through ‘Hunting’ operations within a SIEM, EDR and other relevant tools
• Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including obtaining access to systems, digital artifact collection, and containment and/or remediation actions
• Provide consultation and assessment on perceived security threats
• Maintain, manage, improve and update security incident process and protocol documentation
• Regularly provide reporting and metrics on case work
• Resolution of security incidents by identifying root cause and solutions
• Analyze findings in investigative matters, and develop fact based reports
• Be on-call to deliver global incident response

Skills and attributes for success

• Resolution of security incidents by identifying root cause and solutions
• Analyze findings in investigative matters, and develop fact-based reports
• Proven integrity and judgment within a professional environment
• Ability to appropriately balance work/personal priorities
• Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field
• 7+ years experience in incident response, computer forensics analysis and/or malware reverse engineering
• Understanding of security threats, vulnerabilities, and incident response
• Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis
• Be familiar with legalities surrounding electronic discovery and analysis
• Experience with EDR and SIEM technologies (i.e. Splunk)
• Deep understanding of both Windows and Unix/Linux based operating systems

Ideally, you’ll also have

• Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GREM
• Background in security incident response in Cloud-based environments, such as Azure
• Programming skills in PowerShell, Python and/or C/C++
• Understanding of the best security practices for network architecture and server configuration

What we look for

• Demonstrated integrity in a professional environment
• Ability to work independently
• Have a global mind-set for working with different cultures and backgrounds
• Knowledgeable in business industry standard security incident response process, procedures, and life cycle
• Positive attitude and Excellent teaming skills
• Excellent social, communication, and writing skills
• Good presentation skills
• Excellent investigative, analytical, and problem-solving skills

As a Senior Consultant in Offensive Security within our Service Delivery Center, you will play a pivotal role in enhancing our clients' security posture through proactive threat assessments and vulnerability management. You will lead and collaborate with a team of cybersecurity professionals to implement and manage offensive security initiatives, ensuring that security measures are integrated throughout the software development lifecycle while optimizing service delivery processes.

In this role, you will manage and execute penetration testing, red teaming, and security assessments for our clients. You will work closely with cross-functional teams to identify vulnerabilities, develop mitigation strategies, and ensure that security practices align with industry standards. Your expertise will drive the team’s efforts in automating security processes and help our clients build a more secure working world.

Your Key Responsibilities

• Lead, scope, and execute penetration testing projects, including web applications (including black box, white box, and gray box assessments), networks, cloud environments, hardware, and firmware.
• Develop and execute red team and purple team scenarios to identify gaps in organizational security postures and provide actionable recommendations.
• Perform in-depth penetration testing results create comprehensive reports detailing findings, exploitation procedures, risks, and recommendations.
• Stay current with emerging security threats, vulnerabilities, and industry best practices, and promote continual learning within the team.
• Assist in configuring, handling, patching, and updating penetration testing software an supporting infrastructure to ensure optimal performance and security.
• Contribute to the creation and updating of operational metrics for client meetings, providing insights into tool performance and security findings.

Skills and Attributes for Success

• Proven experience in penetration testing and offensive security practices, with a minimum of 5+ years of related work experience.
• Strong knowledge of automation tools and processes, particularly in the context of offensive security and application security.
• Excellent problem-solving skills and the ability to manage multiple security projects simultaneously.
• Effective communication skills to liaise with clients and internal stakeholders, translating complex technical concepts into understandable terms.

To qualify for the role, you must have

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.

• A minimum of ten (10) years’ experience performing penetration tests; or a minimum of five (5) years working in an electric utility in generation, or transmission & distribution performing penetration tests
• Extensive experience with manual attack and penetration testing, including web applications, networks, and cloud environments.
• Proficiency in scripting languages (e.g., Python, Bash, PowerShell) for automation of security tasks.
• Knowledge of Windows, Linux, Unix, and other major operating systems.

Ideally, you’d also have

• Certifications such as CCSP, CSSLP, OSCP, OSWP, GPEN, GWAPT, OSCE, OSEE, GXPN, CISSP, CISM, etc.

• Contributions to the security community, including research, public CVE disclosures, bug bounty acknowledgments, and open-source project involvement.
• Strong analytical skills with the ability to interpret complex information and communicate it effectively.
• Active interest in staying updated on the latest cybersecurity threats and trends, promoting continual learning and adaptation.

What We Offer

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.

• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.

• Transformative leadership: We’ll give you the insights, coaching and confidence to succeed in high performing teams.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

Your Key Responsibilities

• Effectively lead and motivate service delivery center team who support technology consulting engagements and provide technical leadership with the SRC&R service operations and delivery
• Provide guidance and direction to the on-site GPS SRC&R consultants in identifying process improvements, including junior staff members, enhancing existing SRC&R solutions and operating SRC&R processes as required
• Additional responsibilities include support in the following areas:
  • Assess cybersecurity controls, programs and strategies using our proprietary framework and industry frameworks
  • Operate SRC&R solutions based upon engagement defined policies and procedures
  • Cybersecurity measurements and monitoring development and operations
  • Cybersecurity strategy and roadmap development
  • NIST Risk Management Framework and Assessment and Authorization enhancement, operations and governance
  • Cybersecurity focused Supply Chain Risk Management and/or Third-Party Risk management operations, assessment and enablement
  • Cybersecurity process design and re-engineering
• Drive high-quality work products within expected timeframes.
• Monitor progress and manage risk while ensuring stakeholders are kept informed about progress and expected outcomes
• Use knowledge of industry trends to identify engagement and client service issues and communicate this information to the on-site engagement team through written correspondence and verbal presentations.
• Stay informed of current Cybersecurity industry trends relevant to the services being delivered

Skills and attributes for Success

• Working knowledge of security frameworks and standards such as ISO 27001/2, PCI DSS, NIST 800-53, NIST CSF and the cybersecurity laws and regulations such as FISMA
• Ability to produce high-quality work products within expected timeframes
• Leadership experience

To qualify for the role you must have

• Bachelor's degree in a related field
• A minimum of 5 years of related work experience
• Must be able to obtain and maintain a Secret-level clearance or higher
• Experience in one or more of the following areas:
  • Cybersecurity assessments
  • IT and cybersecurity policies, standards, procedures and controls
  • Cybersecurity strategies and roadmaps
  • Cybersecurity awareness and training
  • Cybersecurity metrics and reporting
  • Cybersecurity organization design and implementation
  • Cybersecurity and risk management solution design and implementation (e.g. SNOW IRM, Archer GRC, RiskLens, Azure Security Center, etc.)
  • Federal RMF solution operations (e.g eMass CSAM, Xacta, etc.)
  • Cybersecurity and IT architecture experience (e.g. cloud security architect, security architect)
  • Flexibility to travel up to 20%

CISSP, CISM, CISA, CIPT, CIPM, CIPP CRISC or other relevant certification

• Prior experience in a service delivery center or similar environment

In a rapidly changing IT environment, clients from all industries look to us for trusted solutions for their increasingly complex risks and vulnerabilities. As a part of our digital identity (DI) and privileged access management (PAM) teams you’ll be right at the heart of that goal, helping clients gain insight and context to their complex PAM environments and assessing, improving, and building infrastructure, processes and policies in order to meet the client’s current and next generation PAM needs. You’ll get to use your technical and business skills in order to help us drive this mission and have an impact on cyber security at a global level.

You’ll work alongside respected industry professionals, learning about and using the latest tools and techniques to identify and overcome some of the most relevant and pressing security issues in the world.

Your key responsibilities

Within the privileged access management team, you’ll work in the following areas:

• Current state privileged access management assessments
• Capability maturity and benchmarking assessments
• Developing PAM strategy and road maps
• Target operating model and governance
• PAM policies, procedures, and standards
• Vendor analysis and assessments

• Design and architecture for PAM transformation.
• PAM Process and policies design and re-engineering
• Implementation, expansion, and integrations
• PAM solution migrations
• Discovery, remediation and onboarding of privileged accounts and secrets
• Operation process automation

Skills and attributes for success

• Effectively lead and motivate client engagement teams and provide technical leadership in the assessment, design, and implementation of security and IT risk solutions
• Foster an innovative and inclusive team-oriented work environment. Play an active role in counselling and mentoring junior consultants within the firm
• Consistently deliver quality client services. Drive high-quality work products within expected timeframes and on budget. Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes and assist with business development opportunities.
• Use knowledge of the current IT environment and industry trends to identify engagement and client service issues, and communicate this information to the engagement team and client management through written correspondence and verbal presentations. Stay abreast of current business and industry trends relevant to the client's business.

To qualify for the role, you must have.

• A bachelor's degree in a related field and approximately 5 years of related work experience; or a graduate degree and approximately 4 years of related work experience
• Experience in one or more of the following:
  • Privileged access management solutions including design or implementation of PAM technologies (such as CyberArk, BeyondTrust, Delinea, HashiCorp);
  • Role-based access control including design and development of user access roles.
  • Experience in secret management solutions including understanding of DevOps (Ansible, Jenkins, Gitlab, Kubernetes, terraforms) and cloud (Azure, AWS and GCP) solutions sets.
  • Ability in Windows, Linux, and Unix operating systems
  • Exposure to the IGA solutions (SailPoint or Saviynt)
  • Exposure to the scripting and programming languages (PowerShell, Java, C#) and Microsoft office (word and PowerPoint, Visio)
• An understanding of access control concepts including directory services, SAML, LDAP, PKI
• Experience in process definition, workflow design, and process mapping.
• A valid driver's license in the US and a valid passport required; willingness and ability to travel internationally and a willingness to travel; travel is estimated at 40-60%

Ideally, you’d also have

• Strong presentation and communication skills and ability to speak with director and VP levels.
• CISSP, CISM, CISA, CIPT, CIPM, CRISC or other relevant certification desired; non-certified hires are required to become certified within 1 year from the date of hire.
• CyberArk, BeyondTrust, Delinea, HashiCorp, vendor certifications are desired.

Your key responsibilities

• Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified
• Forensically analyze end user systems and servers found to have possible indicators of compromise
• Analysis of artifacts collected during a security incident/forensic analysis
• Identify security incidents through ‘Hunting’ operations within a SIEM and other relevant tools
• Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions
• Provide consultation and assessment on perceived security threats
• Maintain, manage, improve and update security incident process and protocol documentation
• Regularly provide reporting and metrics on case work
• Resolution of security incidents by identifying root cause and solutions
• Analyze findings in investigative matters, and develop fact based reports
• Be on-call to deliver global incident response

Skills and attributes for success

• Resolution of security incidents by identifying root cause and solutions
• Analyze findings in investigative matters, and develop fact-based reports
• Proven integrity and judgment within a professional environment
• Ability to appropriately balance work/personal priorities

To qualify for the role you must have

• Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field
• 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering;
• Understanding of security threats, vulnerabilities, and incident response;
• Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis;
• Be familiar with legalities surrounding electronic discovery and analysis;
• Experience with SIEM technologies (i.e. Splunk);
• Deep understanding of both Windows and Unix/Linux based operating systems;

Ideally, you’ll also have

• Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH
• Background in security incident response in Cloud-based environments, such as Azure
• Programming skills in PowerShell, Python and/or C/C++
• Understanding of the best security practices for network architecture and server configuration

What we look for

• Demonstrated integrity in a professional environment
• Ability to work independently
• Have a global mind-set for working with different cultures and backgrounds
• Knowledgeable in business industry standard security incident response process, procedures, and life cycle
• Excellent teaming skills
• Excellent social, communication, and writing skills