West Monroe isn’t a start-up consulting firm, but we act like one.
From day one, our people can make a definitive personal impact for their clients and their careers. What does this mean? It means we seek out the best of the best and then we challenge them to make us better. If you are looking to be a “behind the scenes” technologist, this isn’t the place for you. We celebrate driven professionals who thrive in a collaborative environment. Our consultants work on front lines, partnering with clients to deliver innovative solutions in the most dynamic, complex industries. Sound interesting? Then West Monroe just might be the place for you.
Think you’re up to the challenge?
We’re looking for a senior-level consultant to join our Cybersecurity group to help resolve complex client breaches during and after Incident Response & Recovery engagements. In today’s digitally interconnected global community, cyberattacks like data breaches and network intrusions can often handcuff even the most sophisticated enterprises – many of which rely on West Monroe to help them navigate through the crisis. Cybersecurity consultants on our IR&R team investigate these types of attacks, uncover critical information, and utilize their findings to engineer a real-time fix.
As a Sr. Cybersecurity/Incident Response Consultant, you will be tasked with forensic imaging & analysis, breach containment, and infrastructure recovery, planning, & execution. Your goal will be to thwart the intruders cyberattack and release our client from a hostage situation. With the guidance of an Incident Commander, you will interface with various groups: internal West Monroe resources & consulting practices, external parties (law firms, law enforcement, insurance brokers & underwriters, media/PR), and client resources (C-Suite, Legal and GRC Departments, Physical Security, Cybersecurity, Auditing, Operations, IT, Call Centers, Marketing, Investor Relations, Communications).
- Collaborate with WMP Incident Commanders and Forensic Investigators to plan, coordinate, and execute remediation activities during client security incidents (I.e. data breaches or ransomware events) – post breach.
- Work through determined incident triage and assess the effectiveness of various tactics/strategies to make rapid decisions on appropriate courses of action.
- Spearhead reactive and proactive Threat Hunting engagements by performing endpoint, network, and log analysis.
- Review and recommend technical, processes, and physical controls to mitigate damage from breach presence.
- Engineer and deploy cybersecurity & infrastructure solutions to counteract future unethical hacking.
- Mentor and enable junior consultants to develop additional forensic, response, and threat hunting capabilities.
- Translate business and technical requirements into concrete projects proposals, including detailed work plans and cost estimates, to assist in sales efforts and develop client relationships, as well as new opportunities.
- Promote thought leadership in emerging forensic and investigation technologies by developing partnerships, leveraging go-to-market offerings, speaking at events, representing us at tech conferences, writing blog posts, etc.
- 2-7+ years of experience within cybersecurity, incident response, IT risk management, or related field.
- 1-2 years of experience in management consulting or tech consulting – strongly preferred at Sr Consultant+ level.
- Professional-level certs – CISSP, CHFI, CFCE, CEH, OSCP, CISM, GIAC – strongly preferred at Sr Consultant+ level.
- BS/BA degree in IT, MIS, Computer Science, Business, Math, or another related field.
- Well-versed in incident response engagements, preferably at the enterprise level: technical recovery, legal or compliance notifications, IR plan development, tabletop testing, etc.
- Strong understanding of application, database, authentication, and network security principles.
- Advisory experience in compliance or regulatory frameworks (I.e. HIPAA, PCI, NIST).
- Excellent organizational, verbal, presentation/facilitation, and written communication skills.
- Ability to convey complex technical security concepts to both technical and non-technical audiences during crisis situations (I.e. executive or board level presentations).
- Willingness to travel for out of town client engagements – up to 80% domestic travel.
- Ability to read/write software code or scripting language: C# .Net, Java, C++, Python, Ruby, etc.
- Cloud security & governance exposure across AWS, Azure, or GCP platforms.
- Broad understanding of IT infrastructure: hosting, storage, networking, hard servers & server virtualization, software/hardware tools, and application platforms.
- Practical experience with emerging, innovative technology/concepts: IoT cybersecurity, Data Science/AI/ML, blockchain technology, serverless computing, robotics process automation, biometrics, etc.
- Cisco/Juniper networking certifications; PMP, PgMP.
Read Full Job Description