Incident Commander, DFIR
At West Monroe, our people are our business.
We pride ourselves on bringing a different mindset to consulting—and that takes a different approach: highly collaborative, flexible, and tenacious.
Our people-first culture is core to our identity. It’s something we care about, and something we strive to enrich and preserve. No hierarchies. No siloes. No egos. Just smart ideas, unique perspectives, and the drive to make an impact for our clients. We also know that the best outcomes for both our people and our clients result from including diverse perspectives at the table. That’s why inclusion & diversity is one of our core values.
Every day our clients rely on us to help them tackle their greatest challenges, by strategically deploying technology through a business-focused and industry-specific lens. We bring together both the right knowledge and the right approach, so that they can capitalize on opportunities and deliver real results. That takes the right team. And that’s where you come in.
Ready to thrive in the next step on your career journey?
West Monroe is looking to hire an Incident Commander to focus on managing multiple workstreams and resources during/after Incident Response & Recovery (IR&R) engagements. The manager/sr. manager-level consultant will be tasked with the coordination and project management of breach containment efforts related to ransomware events (or similar security incidents) happening at our clients.
This consultant role often interfaces with multiple groups: external parties (law firms, insurance brokers, media, public relations), West Monroe resources, and client resources (C-Suite, General Counsel, Risk & Compliance, Physical Security, Cybersecurity, Auditing, Operations, IT, Call Centers, Marketing, Investor Relations, Public Relations). The consultant will aim to establish ongoing relationships with third parties and clients, work closely with stakeholders to understand business objectives, and advise on security risks/mitigation strategies during IR engagements. Furthermore, they will collaborate with Cybersecurity practice leaders to set the direction of our IR&R offering.
Responsibilities:
- Lead incident response/recovery consultants and activities during and after cybersecurity incidents, I.e. Ransomware
- Conduct initial incident triage, assess the effectiveness of various tactics/strategies, and make rapid decisions on appropriate courses of action
- Review and recommend technical, process, and physical controls to counteract breach event damage
- Interface with client senior leadership to understand business objectives, identify risk factors, and communicate effective remediation/future mitigation strategies
- Convey complex cybersecurity concepts to both technical and non-technical audiences during crisis situations, I.e. executive or board level presentations
- Mentor junior consultants to further develop cyber response, forensic, threat hunting, and IT infrastructure skillsets
- Promote thought leadership in emerging Cybersecurity and IR best practices and technologies, including partnerships, go-to-market offerings, speaking engagements, and blog posts/whitepapers
Qualifications:
- Bachelor’s degree in relevant field preferred, or equivalent industry experience required
- Consulting firm/industry experience preferred
- 7-15+ years of experience within cybersecurity, DF/IR, and/or cyber law/privacy
- PMP certification preferred; CISSP, CISM, or equivalent cybersecurity certifications preferred
- Leadership experience within cybersecurity breach management, I.e. technical recovery, legal or compliance notifications, IR plan development, forensic investigation, tabletop testing, IT infrastructure remediation
- Advisory experience in compliance (I.e. PCI DSS, HIPAA) and industry standard/regulatory frameworks (I.e. NIST)
- Excellent organizational, verbal, presentation/facilitation, and written communication skills
- Bonus experience:
- Juris Doctor (J.D.) degree
- Previous experience working with law enforcement (I.e. FBI), DFIR consulting firms, cyber insurance providers, breach coaches, and/or law firms
- Hands-on technical skills in Cybersecurity, DF/IR, and/or IT Infrastructure (cloud, server, end-user, etc.)
- Comfortable working flexible hours, including occasionally weekends and overnights, in exchange for schedule flexibility when not actively responding to a client security incident
- Willingness to travel for out of town client engagements
Ready to get started? Join our team and make an impact.
To learn more about inclusion and diversity at West Monroe, visit www.wmp.com/inclusion.