Kroll, a division of Duff & Phelps and part of the Governance, Risk, Investigations and Disputes business unit, is the leading global provider of risk solutions. For more than 45 years, Kroll has helped clients make confident risk management decisions about people, assets, operations and security through a wide range of investigations, cyber security, due diligence and compliance, physical and operational security, and data and information management services. Kroll's Cyber Risk team works on hundreds of cases a year, including some of the most complex and highest profile matters in the world. With experts based around the world, supported by ground-breaking technology, we can help protect our client's data, people, operations and reputation with innovative cyber risk assessments, investigations and reporting. We help enable organization to be more cyber resilient by preparing for and detecting incidents through risk assessments, penetration testing and threat detection/intelligence services. Our clients also count on us for quick and expert support in the event of a cyber breach or attack; we help clients - of all sizes -respond to incidents and restore stability through digital forensics, breach notification, and identity monitoring and restoration services for individuals affected by a data breach.
RESPONSIBILITIES:
The Senior Associate, Cyber Risk will perform complex technical assessments and auditing of our client's information security programs to assess the maturity of an organization's information security program and make recommendations for improvement.
Interview business stakeholders and evaluating business processes
Perform in-depth technical reviews including; the evaluation of Windows and Linux systems, database configurations, application auditing, network device (e.g. routers, switches, firewalls) configurations, and security solutions (e.g. IDS/IPS, SIEM, DLP) for onsite and remote security assessments
Take ownership of projects and deliverables
Handle a broad range of business intelligence and investigatory projects and cases
Conduct research and analysis through the use of in-house as well as external resources
Produce accurate, high quality client reports
Contribute to the development of new opportunities
REQUIREMENTS:
Bachelor's degree required
Excellent written and verbal communication skills
Industry Certifications including GIAC, CISSP, CISA, CCNP, CCIE, MCSE
Minimum 2 to 4 years hands-on Administration experience with Windows operating systems
Minimum 2 to 4 years hands-on Administration experience with Linux or UNIX operating systems
Minimum 3 to 5 years hands-on experience managing and maintaining networks
Minimum 3 to 5 years hands-on experience administering Firewalls
Must be familiar with Active Directory, GPO, WSUS, SCCM, NTFS, etc.
Must be familiar with network concepts such as VLANs, ACLs, Routing, SNMP, etc.
Must be familiar with WiFi technologies and WiFi security best practices
Experience with scripting languages is a plus
Experience with Virtual environments such as VMWare or HyperV is a plus
Experience with Security Information and Event Management (SIEM) solutions is a plus
Experience with Data Loss Prevention (DLP) solutions is a plus
Software development and Penetration Testing experience is a plus
Ability to meet all requirements required for Private Investigator licensure
Travel up to 25% based on client needs
Possess one or more cyber security or forensics related industry certifications, including, but not limited to, the following: CISSP, GCIH, GCFE, GCIA, ENCE, ACE
Ability to travel up to 25% as required to support response activities.
In order to be considered for a position at Duff & Phelps, you must formally apply via careers.duffandphelps.jobs
