Ankura Senior Associate, Cybersecurity, Threat Detection Operations in Washington
Ankura is a team of excellence founded on innovation and growth.
Ankura’s Cybersecurity and Privacy Practice is a full-service suite of solutions to respond to clients’ cybersecurity and privacy needs, regardless of industry or size. Our team includes former Big 4 consultants, intelligence community and law enforcement personnel, federal regulators, private security firms, and technology companies. We are equipped and prepared to provide services across a range of areas that include: Proactive Preparedness, Incident Response, Investigations, Cyber Resilience, Data Privacy, Managed Advisory Services and Managed Data Protection Services.
This role is remote but administratively based in Washington, DC.
This position will be responsible for conducting endpoint monitoring engagements for clients for threat detection and containment purposes. Client engagements are both reactive/incident response and managed detection and response in nature. This position will work closely on a daily basis with client security teams, information technology staff, management, breach counsel, and other internal Ankura teams to address threats on endpoint devices. The candidate will have prior hands-on experience with endpoint security tools with capabilities such as Nextgen Anti-Virus (NGAV), Endpoint Detection and Response (EDR) and host-based firewall. Experience in other areas of cybersecurity such as Network Traffic Analysis (NTA), SIEM and SOC is desirable. The candidate will have experience managing workflow and coordinating efforts. Further, the candidate must possess strong interpersonal skills and have the ability to work with cross-functional team members.
o Lead endpoint security monitoring engagements that are reactive and managed.
o Perform daily security monitoring of endpoint devices, review alerts, investigate alerts, and provide remediation recommendations
o Work with clients and incident response teams to investigate and resolve security issues
o Prepare daily reports for clients
o Serve as a direct client interface with a range of client stakeholders
o Serve as an endpoint security expert for client endpoint security monitoring engagements.
o Serve as cyber security technical advisor to client organizations and advise on appropriate response activities in the event of a security incident
o Employ deductive reasoning and analysis to make informed decisions and conclusions
o Maintain standard operating procedures
o Bachelor's Degree in a related Cybersecurity/IT/Computer Science field
o 1 – 5 year(s) of relevant experience
o Demonstrated experience and proficiency in the implementation and utilization of endpoint security monitoring solutions including but not limited to Anti-Virus (AV), Nextgen Anti-Virus (NGAV), Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), and firewall tools.
o Demonstrated knowledge of network traffic security monitoring and analysis tools, SIEM tools and Security Operations Center (SOC) operations
o GIAC Certified Incident Handler (GCIH)
o GIAC Certified Forensic Examiner (GCFE)
o GIAC Network Forensic Analyst (GNFA)
o GIAC Certified Intrusion Analyst (GCIA)
Ankura is proud to be an equal opportunity employer committed to fostering a diverse and inclusive environment where mutual respect and collaboration are paramount. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity and expression, disability, protected veteran status, national origin, or any other legally protected status.