Associate, Cybersecurity Incident Response, Threat

Ankura is a team of excellence founded on innovation and growth.

Join Ankura's rapidly growing cybersecurity practice and become a key player in protecting our clients from the ever-evolving threat landscape.

Practice Overview:
Our diverse team is comprised of seasoned security veterans, including professionals from the intelligence community and leading private security firms, alongside talented early-career professionals. This unique blend of experience and fresh perspectives allows us to offer insightful and innovative solutions.

We are equipped and prepared to provide services across a range of areas that include: Proactive Preparedness, Incident Response, Investigations, Cyber Resilience, Data Privacy, Managed Advisory Services and Managed Data Protection Services.

The Role:
As an Associate within our Data & Technology segment, you will play a vital role in tackling our clients' critical information security challenges. Client engagements are both reactive/incident response and managed detection and response in nature. You will be at the forefront of Managed Data Protection Services proactively safeguarding our clients’ critical data assets.

Key Responsibilities:
- Lead and participate in endpoint security monitoring engagements, both reactive and managed.- Become the eyes and ears of our clients, diligently monitoring endpoint devices, reviewing alerts, investigating incidents, and recommending effective remediation strategies.- Collaborate closely with client security teams, IT staff, management, legal counsel, and Ankura colleagues to ensure swift and coordinated responses to identified threats.- Prepare daily reports for clients, keeping them informed of their security posture and potential issues.- Serve as the primary point of contact for a diverse range of client stakeholders, building trust and fostering strong relationships.- Leverage your expertise to advise client organizations on endpoint security best practices and optimal response strategies in the event of a cyber incident.- Develop your analytical skills and employ deductive reasoning to draw informed conclusions and make critical decisions.- Maintain and adhere to established standard operating procedures, ensuring consistency and quality in our service delivery.- Demonstrate flexibility and willingness to work nights, weekends, and holidays as needed, recognizing the critical nature of our work.

Your Qualifications:
- Bachelor's Degree in Cybersecurity, IT, Computer Science, or a related field.- 3-6 years of experience in cybersecurity, preferably within threat detection or incident response.- Proven experience and proficiency in deploying and utilizing endpoint security monitoring solutions, including: Next-generation Anti-Virus (NGAV), Endpoint Detection and Response (EDR), Host-based Firewall, Network Traffic Analysis (NTA) tools, Security Information and Event Management (SIEM) systems- Working knowledge of Security Operations Center (SOC) operations and procedures.- Strong interpersonal and communication skills, enabling you to collaborate effectively across diverse teams and build trust with clients.

Preferred Certifications:
- Network +- Security +- GIAC Certified Incident Handler (GCIH)- GIAC Certified Forensic Examiner (GCFE)- GIAC Network Forensic Analyst (GNFA)- GIAC Certified Intrusion Analyst (GCIA)

Why Ankura:
- Join a team of passionate and innovative experts protecting clients from the threat landscape.- Work on cutting-edge projects that make a real impact on businesses and the world at large.- Enjoy a collaborative and supportive work environment that fosters professional growth and pathways for advancement.- Receive competitive compensation and benefits, including opportunities for travel and training.- We are committed to providing our employees with the resources and support they need to succeed and make a lasting impact.

LI-JK1