Associate, Cyber Risk
Our professionals balance analytical skills, deep market insight and independence to deliver solid, defensible analysis and practical advice to our clients. As an organization, we think globally. We create transparency in an opaque world, and we encourage our people to do the same. That means when you take your place on our team, you'll discover a supportive and collaborative work environment that empowers you to excel. If you're ready to share your perspective with the world, then you can make a real impact here. This is the Duff & Phelps difference.
The global cyber security team at Kroll, a division of Duff & Phelps, works on hundreds of cases a year, including some of the most complex and highest profile matters in the world. With our global reach of experts, supported by ground-breaking technology, we can help protect our client's data, people, operations and reputation with innovative cyber risk assessments, investigations and reporting. We can help enable organizations to be more cyber resilient by preparing for and detecting incidents through risk assessments, penetration testing and threat detection/intelligence services. Our clients also count on Kroll for quick and expert support in the event of a cyber breach or attack. We help clients of all sizes respond to incidents and restore stability through digital forensics, breach notification, identity monitoring and restoration services for individuals affected by a data breach.
At Duff & Phelps, your work will help protect, restore and maximize value for our clients. Join us and together we'll maximize the value of your career. RESPONSIBILITIES:
We are looking for bright, inquisitive minds who are experienced in and passionate about modern cyber security, threat hunting and incident response. Our analysts use leading endpoint and network monitoring tools to identify, analyse, and respond to a variety of threats and threat actors impacting systems and networks around the globe.
Cyber Security Monitoring and Response Analyst responsibilities include:
- Performing threat hunting, detection and analysis of events generated by advanced endpoint threat detection and monitoring solutions, and related security tools.
- Conduct threat research, forensic analysis and basic malware analysis of threats
- Perform remediation of identified threats
- Writing of threat reports associated with significant threat events.
- Assist in ongoing research, development, and testing of enhanced threat detection techniques and tools.
- Assist clients with questions regarding threat detections, EDR tools, deployment, and maintenance.
- Assist Kroll and client incident response teams in the efficient containment and eradication of identified threats.
- Low level understanding of Windows operating system architecture fundamentals (NTFS, registry, processes, binaries, DLL's, etc.) and administration. Similar understanding of MacOS and/or Linux a plus.
- Understanding of common malware behaviour and persistence mechanisms.
- Working knowledge of various scripting languages and/or security and malware analysis tools such as: Python, Ruby, Unix Shell, PowerShell, Yara
- Working knowledge of TCP/IP and related networking concepts.
- Prior experience using endpoint threat detection and response (EDR) products such as Carbon Black, Windows Defender ATP, Falcon, Splunk or other SIEM solutions, intrusion detection solutions, or related security products preferred.
- Excellent written and verbal communication skills
- Understanding of information security basics especially in the realm of security incident response
- Relevant cyber security certifications including GCIA, GCIH, GCWN, CISSP, GREM a plus.
- Fluency in English (working language of the organisation) is essential, other European languages a benefit.
- Must be an EU citizen or have a right to remain and work in the UK
In order to be considered for a position at Duff & Phelps, you must formally apply via careers.duffandphelps.jobs
Duff & Phelps is committed to equal opportunity and diversity, and recruits people based on merit.