Cyber Security Senior Engineer

Job Description

POSITION SUMMARY: The IT Cyber Security Senior Engineer / Incident Responder works with various teams inside BCG (Information Management Team, Global Functions and IT) and with vendors, suppliers, and partners to support the SOCs mission of preventing, detecting, and responding to cyber threats. The IT Cyber Security Senior Engineer / Incident Responder is an experienced position within the CSIRT and has a thorough understanding of the incident response domain, including triage and escalation. This analysts that can work simultaneously on multiple security incidents and security-related problems. The IT Cyber Security Senior Engineer / Incident Responder interacts closely with BCGs SIEM and MSSP to detect and understand the current threats against BCGs network, and provides Tier 3 incident response support. These tasks ensure that all cyber security incidents are accessed and communicated to relevant stakeholders in a timely manner. This includes, but is not limited to: Interacting closely with BCGs MSSP identify, assess, and communicate cyber events in a timely manner Responding to security event alerts from multiple sources Quickly, efficiently, and accurately triaging and escalating cyber events to senior team members. Maintaining industry knowledge of SIEM and threat intelligence and its interactions with other technologies, such as Active Directory, Log Management, Ticketing, Information Management, Cloud Services, Devices, etc. Collecting, monitoring, and analyzing log data produced by the BCG's System Reviewing and preparing monthly status reports and statistics Following-up on incidents, issues, and concerns related to security events and data loss Providing backup to other BCG Security Architects to audit, monitor and report on the various components of BCG IT security Experience with Digital Forensics & Incident Response (DFIR) and Incident Response (IR) Automation/Orchestration tools Providing backup to other BCG Security Engineers to build and maintain DFIR & IR orchestration and automation capabilities to manage cyber threat data and automate BCGs procedures Sufficient knowledge in business industry standard security incident response process, procedures, and life-cycle Interacting closely with BCGs MSSP identify, assess, and communicate cyber events in a timely manner Balance cost, risk, security, user convenience, and business requirements in all aspects of work BASIC JOB RESPONSIBILITIES: Under the general direction of the Information Security Manager or delegate and working with other IT, BST, etc. throughout the firm, the roles will perform the following functions: Participate as an integral part of the Security Team and IT in general Work closely with CSIRT team people & technology to detect, assess, and communicate cyber threats Update the Security Team and other groups on industry trends and recommend initiatives to help lower risk Define SIEM use cases to collect, monitor and analyze data to discover and discern trends, threats, and security risks associated with BCG assets and information. Recommend and create SIEM rules to protect BCG and BCG client confidential information Proactively monitoring and analyze logs via the SIEM for indicators of attack Mentoring more junior team members With the Information management team, follow-up on incidents, issues, and concerns related to data loss Manage incidents related to data loss, producing alerts and escalating issues to appropriate management Provide SIEM solutions and support for specific case team and/or project needs and requirements Develop and produce operational metrics that demonstrate the effectiveness of controls, quantifies security risks and issues, confirms service levels, tracks incident type and volume Well-versed and/or skilled in all or some of the following Applications: Automation or Orchestration Tools (Demisto, Komand, Resilient or similar) Cyber Threat Intelligence (CTI) Tools (Anomali, ThreatConnect, Recorded Future or similar) Support BCGs proactive cyber defense program at strategic, operational, and tactical levels; enhancing situational awareness and response actions by creating a contextual landscape of the cyber threats customized to BCGs infrastructure Solid understanding of modern network and cloud technologies Apply industry and BCG security knowledge, policy, standards, practices to incident response Respond to inquiries related to data loss and inappropriate sharing Develop standard materials in support of BCG Information Security Respond to, and to the extent possible, accommodate special requests and requirements Track and report on security issues All other tasks and responsibilities as requested by manager Maintain up-to-date knowledge of the cyber security industry as it relates to BCG including: Attacker methods and TTPs Standards, regulations and legislation. Threats and vulnerabilities Technologies and solutions Industry best practices Client requirements and concerns Provide input and represent BCG and client interests in the areas of: Incident response and investigation Incident response management for client security incidents Work with IT Directors, Managers, Architects and staff to implement, monitor and maintain Confidentiality, Availability and Integrity of BCG information assets Track and manage materials provided to external providers and clients Maintain information security credentials and certifications as required to present a credible presence to internal and external audiences JOB REQUIREMENTS: Masters or Bachelors degree (or equivalent); Information security experience, with a very strong technical background Significant information security and risk management experience in a multinational enterprise Demonstrated Threat Hunting and Incident Response experience (from a Consultancy or SOC environment) Experience with Security Information and Event Management (SIEM) monitoring tools and their use (Splunk, Arcsight, QRadar or similar) Background in security engineering and experience with Command Line Interface (CLI), Application Program Interface (API) management systems and programming/scripting languages such as (power)shell/bash and/or Python, Ruby. Experience with developing secure cloud architectures, cloud strategy and coordinating the adaptation process, to design and implement cloud infrastructures, platforms and applications (AWS, Azure, Google Cloud) to establish best practices for secure cloud architecture integration (network, identity, services and data) Good grasp in conceptualizing and/or implementing automation for business process workflows, most importantly in dealing cybersecurity use cases. Provide implementation support based on best practices to BCG Security Engineers throughout the life cycle of a project Strong knowledge of operating systems like Linux, Unix, Solaris, Ubuntu, Windows. Experience as an administrator/architect in any of the well-known operating systems to be familiar with these concepts and the pros and cons of using different operating systems with a strong understanding of networking concepts: TCP/IP, HTTP, DNS, JSON, REST Security in the cloud is important, and consequently, a high-level understanding of key security concepts. Knowledge of advanced cloud security concepts such as perimeter security controls is a plus Security certification like CISSP, CCSP, CEH, GIAC Certified Intrusion Analyst (GCIA) or GIAC Reverse Engineering Malware (GREM) or equivalent are a plus KEY COMPETENCIES: Technical and functional expertise Requires an advanced level of professional knowledge in information technology and security developed through a combination of advanced degrees in information technology and hands on experience. Must have previous career development experience which has provided management skills, motivational skills, interpersonal skills, and outstanding organizational effectiveness Knowledge of the legal and regulatory landscape related to security and privacy in an international environment Very strong business sense with ability to relate technology issues to business Problem solving, analytical skills and decision making Requires strong analytical skills and abilities including an extensive knowledge of software, database, operating systems, client server architecture and voice and data communication services and facilities, security and privacy, in an international setting Collect, review, and analyze various metrics, which help to measure and monitor systems, departmental performance, and quality. Discern and analyze trends. Review and prepare monthly status reports and statistics Manage group and project budgets Communication, interpersonal and teaming skills Outstanding verbal and written communications skills are a must because of the requirement to represent BCG in communications with clients. Calm demeanor, grace under fire, outstanding listening skills Leadership, impact and change High level of initiative and self-motivation, resourceful, and patient with an iterative process Ability to gain trust and commitment of others at different levels of the organization Proven ability to challenge traditional way of operating and moving beyond the obvious Translates BCGs broader strategic objectives and cascades these into own work plans, metrics and team work plans Works effectively with significant ambiguity and fluctuating priorities and constrains Work management, organization and planning Ability to evaluate and prepare detailed project plans for technology projects that will be implemented across the business. Manage local and global technology problems and direct staff in resolution of such problems. Evaluate and advise on the technology and systems components associated with projects adopted by BCG corporate and offices Ability to monitor projects and direct staffs to ensure projects are aligned with the strategic objectives of the business Customer and business focus Focuses on the most critical issues that have the highest impact on the organization and business needs Working mode: enabling, value adding and expanding Treats all others with respect; generate trust People management This position requires interaction with BCG Partners, BCG Case Team staff, client legal and security staff, Administrative Management, vendors, IT Management and Staff, Legal Department, Finance, Vendors, etc. Very strong relationship skills are essential. Excellent Leadership and teaming skills are required Values and ethics Strong sense of confidentiality and integrity Treats others with respect and generates trust Establish relationships based on respect, trust and integrity.

Keyskills :
Administration Management Security Management Cloud Security IT Security Information Security Server Architecture Cyber Security Digital Forensics Information Technology Active Directory SOC Splunk

About Company

The Boston Consulting Group (BCG) is a general management consulting firm, widely regarded as a global leader in business strategy consulting. The firm has built its worldwide practice on intellectual leadership and has helped change the way many corporations approach, and engage in, competition. Many of BCG's strategic concepts are taught at leading business schools and executive education programs around the world.
BCG is a privately owned firm with over 80 offices in more than 40 countries. BCG's Global Functions provide professional management services to the firm, including the central operations of finance, information technology, marketing, risk, legal, operations and human resources.

Candidate Profile

Please refer to the Job description above