Alvarez & Marsal; Disputes and Investigations
Global Cyber Risk Services
Alvarez & Marsal's (A&M's) Global Cyber Risk Services offerings have been developed to assist Boards and Management teams in understanding the organization's Incident Response, Cyber-readiness, and Cyber Strategy development. Our methods are grounded in guidance from the regulatory and industry frameworks and best practices that govern our clients' specific business. Our team of cybersecurity experts provides prioritized findings, observations, recommendations and a roadmap for gap closure. We use expertly developed methodologies, tools and techniques to identify vulnerabilities, system misconfigurations and program deficiencies to improve your organization's overall cyber posture and process maturity.
Our Services:
Strategic Planning & Advisory Services A&M's team of cybersecurity experts includes many former Chief Information Security Officers (CISOs) and senior information security professionals who can help your organization articulate a strategic vision that goes well beyond day-to-day management of cybersecurity. Our team has advised Fortune 500 firms to develop their strategic plans, incorporating and drawing from elements of technology risk, information security, insider threat, and cybersecurity workforce development and retention.
About the Opportunity:
Our Global Cyber Risk Services (GCRS) team is seeking multiple CyberSecurity Consultants and Senior Consultants. As a Consultant within the GCRS team, you will be a key part of that growth. Working with companies across all industries, you will develop your career by communicating creative solutions for the client's specific needs. It's all about listening to and understanding our clients to give them a truly exceptional experience in a field where there really are no off-the-shelf recommendations. As cyber-crime continues to threaten businesses - large and small, hackers are improving their tactics, techniques and procedures faster than corporate security teams can keep up. Increasingly organized and collaborative, their methods grow more sophisticated each year. When our clients don't have the knowledge or resources to take-on the threat of a cyber-attack, they look to us for help.
Key Responsibilities:
The nature of this role means no two projects will be the same. You're likely to balance your time between directly liaising with our clients to understand their situation and create an appropriate response plan. It's all about using your investigative savvy to creatively assess and resolve our clients' needs from the front lines.
Skills and attributes for success:
Perform and/or lead technical security assessment projects for clients of all sizes across industries.
Take responsibility for managing projects, including taking ownership of client communication, coordinating internal resources and planning and executing technical assessment activities.
Communicate information security and technology issues verbally on both a formal and informal basis to all levels of client staff, ranging from senior executives to user representatives. Deal with client discussions in an unstructured environment and produce high-quality written technical reports and documents.
Work independently to manage and execute multiple projects in diverse client environments, ensure that appropriate management is apprised of project status, bring projects to completion and follow up with clients regarding results.
Gain a clear understanding of client environment, identify client needs, and effectively communicate solutions.
Develop tools for internal team use. Actively contribute to the maintenance and enhancement of team systems and processes.
Develop and complete an education plan to grow your skills consistent with client needs.
Assist other team members with their efforts toward this goal.
Conduct research on security topics and develop tools and documentation to assist security team activities.
Promote awareness of the team whether by building relationships with internal customers, publishing whitepapers or advisories, participating in marketing materials, or presenting at conferences.
Qualifications:
A bachelor's degree, supported by approximately 1-3+ years relevant work experience
Minimum of one year consulting experience
Prior work with a strong emphasis on security and technical assessments
Direct responsibility for one of the following: technical security assessment, security controls gap assessment, policy and process design or review, network defense, application security, or security administration.
Familiarity with of one or more of the following compliance frameworks and standards: NIST SP 800-53, NIST CSF, DFARS/NIST SP 800-171, ISO/IEC 27000, HIPAA, PCI.
Ability to occasionally work weekends and/or off hours as necessary to meet clients' needs
Ability to effectively communicate with clients
Strong written and verbal communication skills with the ability to effectively interact with all stakeholders
Proven ability to maintain and create technical documentation for the enterprise-level customers
Strong analytical skills with the ability to demonstrate solid attention to detail and a penchant for accuracy
History of balancing competing priorities with the ability to adapt to the changing needs of the business while meeting deadlines
Ability and willingness to travel as needed
Industry certifications such as CISSP, OSCP, OSCE, SANS GIAC certifications or similar
Development and/or source code review experience in one or more of these languages is a PLUS: C/C++, C#, VB.NET, ASP, PHP, Python or Java
Diversity & Inclusion
A&M's entrepreneurial culture celebrates independent thinkers and doers who can positively impact our clients and shape our industry. The collaborative environment and engaging work-guided by A&M's core values of Integrity, Quality, Objectivity, Fun, Personal Reward, and Inclusive Diversity-are the main reasons our people love working at A&M. Inclusive Diversity means we embrace diversity and we foster inclusiveness. It runs through how we recruit, develop employees, conduct business, support clients, and partner with vendors. It is the A&M way.
Voluntary Inclusion
It is Alvarez & Marsal's policy to provide and promote equal opportunity in employment, compensation, and other terms and conditions of employment without discrimination because of race, color, sex, sexual orientation, gender identity, family medical history or genetic information, political affiliation, military service, pregnancy, marital status, family status, religion, national origin, age or disability or any other non-merit based factor in accordance with all applicable laws and regulations.
Unsolicited Resumes from Third-Party Recruiters
Please note that as per A&M policy, we do not accept unsolicited resumes from third-party recruiters unless such recruiters were engaged to provide candidates for a specified opening. Any employment agency, person or entity that submits an unsolicited resume does so with the understanding that A&M will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person or entity.
