Senior Associate, Cyber Risk

Company: Kroll
Location: Far Rockaway
Posted on: April 10, 2021

Job Description:

Kroll, a division ofDuff & Phelps and part of the Governance, Risk, Investigations and Disputesbusiness unit, is the leading global provider of risk solutions. For more than45 years, Kroll has helped clients make confident risk management decisionsabout people, assets, operations and security through a wide range ofinvestigations, cyber security, due diligence and compliance, physical andoperational security, and data and information management services. Kroll?s Cyber Risk teamworks on thousands of cybersecurity related incidents and engagements a year,including some of the most complex and highest profile matters in the world.With experts based around the world, supported by ground-breaking technology,we can help protect our client?s data, people, operations and reputation withinnovative investigations, response and proactive assessments. Our clients also counton us for rapid, expert support in the event of a cyber incident or attack; wehelp clients of all sizes respond to incidents and restore stability through deepincident response, investigations, and digital forensics services as well asthrough eDiscovery, breach notification, identity monitoring and restorationservices for individuals affected by a data breach. This position is remote.RESPONSIBILITIES:We are looking for bright, motivated, and inquisitive minds to join our KrollResponder 24x7 monitoring and response team who are experienced in andpassionate about modern cyber threat hunting and active response. Our Senior Associates use leadingendpoint detection and response tools to rapidly identify, investigate, andrespond to threats and threat actors impacting systems and networks around theglobe every day.* Perform ongoing threat hunting,analysis, containment, and remediation of threats identified through advancedendpoint detection and response (EDR), endpoint prevention (EPP), SIEM, andrelated security tools.* Collect and review relevant forensicartifacts to identify root cause and understand nature of threats.* Develop and communicate written andverbal threat reports associated with events to customers.* Assist in ongoing research,development, and testing of enhanced threat detection and response tools, techniques,and indicators.* Support incident engagement teamswith active intrusion detection and response tasks.* Conduct threat research, forensic analysis, and basicmalware analysis of threats.* Actively participate in related client meetings andteleconferences.* Assist clients with questions regarding threat detections,EDR tools, deployment, and maintenance. REQUIREMENTS:* Bachelor?s degree or higher inComputer Science, Cyber Security, Computer Engineering, or similartechnical degree.* Minimum 3 years? experience inthreat hunting, detection, and response or equivalent experience.* Ability to respond rapidly, multi-task, and communicateeffectively both verbally and in writing with customers, team members, andengagement managers.* Highly motivated, tenacious, assertive problem solverwith a desire to analyze root cause and reach effective conclusions toactive intrusions and incidents on an ongoing basis both individually andas part of larger response teams.* Solid understanding of Windows operating systemfundamentals, architecture (File System, registry, processes, binaries,DLL?s, etc.) and administration concepts. Similar understanding of MacOS and/or Linux a plus.* Prior experience actively using endpoint threatdetection and response (EDR) products to investigate threats such as VMWareCarbon Black, Windows Defender ATP, Crowdstrike Falcon, Sentinel One, TrendMicro XDR, Tanium, or others. * Understanding of common threat actor techniques, malwarebehavior and persistence mechanisms.* Working knowledge of various scripting languages andtools (PowerShell, Python, VB, Yara) * Working knowledge of TCP/IP and related networkingconcepts.* Prior experience using Splunk or other SIEM solutions,intrusion detection solutions, or related security products.* Relevant cyber security certifications including CISSP,GCIA, GCIH, GCFA, GMON, or GREM a plus.* Excellent written and verbal communication skills* Availability for occasional after-hours, weekends, and/orholiday work in response to active incidents.* Must be a US citizen or a green card holder

Keywords: Kroll, New York , Senior Associate, Cyber Risk, Other , Far Rockaway, New York