Consultant - Cyber Security Analyst

WHO WE NEED:

What You'll Do

• Best practice reviews. 
• Developing realistic and effective action plans.
• Breaking apart goals into actionable steps. 
• Advising on vendor selection and oversight.
• Creating and implementing policies, procedures, and control measures. 
• Evaluating each client’s advancement toward goal actualization through key performance indicators (KPIs) and scoring matrices. 
• Special projects or other areas of need.

Who You Are

• Implement and assist with the day-to-day operations of securing the firm’s various information systems by providing technical expertise in all areas of network, system, and application security.
• Protect sensitive information by installing and configuring security software like firewalls and encryption programs.
• Monitor network traffic and analyze records like authentication logs to identify and investigate anomalies to prevent and detect security incidents.
• Lead the firm's vulnerability management program, conduct the annual cybersecurity assessments and penetration tests, and research and report on emerging threats, to help the firm take pre-emptive risk mitigation steps.
• Implement organization-wide security best practices to protect the business against existing, new, and emerging security threats.
• Test and analyze the organization’s business continuity and disaster recovery plan to ensure operations will continue in the event of a cyberattack or natural disaster.
• Assesses new security technologies to determine potential value for the firm.
• Execute and carry out firm incident response program to identify and prevent all potential breaches (internal or external), or misuse of data, that may occur.
• Review, investigate, and respond to real-time alerts within the environment.
• Generate real-time and historical reports for internal and external stakeholders regarding security and/or compliance violations.

Qualifications

• A Bachelor’s degree in Computer Science, Computer Engineering, Information Systems, Information Sciences, or a related field, with a strong academic record.
• One or more of the following certifications: CEH, CISM, CompTIA Security+, CISSP, GSEC, GCIH, GNFA, GREM or other related SANS certifications.
• 5+ years of specific experience as a Cybersecurity Analyst at a hedge fund or family office.
• Working experience with one or more of the following technology vendors and products: Splunk Cloud, Rapid7 Nexpose Vulnerability Scanner, Sophos Antivirus, Varonis DatAlert, ForeScout CounterACT, or similar.
• Thorough understanding of Microsoft’s enterprise technology platform, including Azure, Active Directory, SQL, Office365, and the Windows server and desktop operating systems.
• In-depth knowledge of security event management, network security monitoring, investigating common types of attacks, network packet analysis, log collection and analysis, and reviewing security events.
• Demonstrated experience implementing and/or enforcing security and compliance frameworks such as NIST, Cobit, and ISO.
• Strong writing and presentation skills are requiredin order to communicate findings and recommendations, as well as the ability to articulate security-related concepts to a broad range of technical and non-technical staff.