Manager, Infrastructure Security & Risk Management
Ankura is a team of excellence founded on innovation and growth.Practice Overview: Ankura Technology Services (ATS) provides all technical infrastructure and support services across the company in a secure, reliable, and cost effective manner. Examples include laptops, email, the service desk, network connectivity, fileservers, phones, servers and common applications. ATS’s goal is to enable Ankura's consultants and business groups to effectively deliver both internal and external technical engagements. ATS strives to innovate while operating the business efficiently with the appropriate cost, risk and service level trade-offs. Role Overview: The Manager, Infrastructure Security & Risk Management supports our Cybersecurity Governance as part of the IT Team within Ankura Business Services, our internal firm services function. The role is responsible for developing Ankura’s Cloud Security program and assisting in the identification, assessment, measurement, monitoring, and reporting of risk through Ankura’s program. Responsibilities:
Developing and expanding Ankura’s Cloud Security program
Helping build and maintain a Cloud and On-prem Security program according to the leading cloud provider guidelines
Evaluate and respond to alerts and events from the security tools, including tuning tool configuration to minimize false positives, developing event response documentation and processes for Security Operations Center response to follow for event actions, and escalating to appropriate teams for event response
Promote Cloud Security Best Practices: Advocate for secure cloud architecture and design patterns across multi-cloud environments (AWS, Azure, GCP)
Collaborate with Teams: Work with engineers, developers, and external teams to identify and remediate cloud security issues
Security Assessments: Conduct cloud security assessments on cloud infrastructure and applications
Cloud Security Posture Management (CSPM): Evaluate and implement tools for continuously monitoring cloud environments, ensuring compliance with security standards and policies
Incident Response: Lead or assist in cloud-based security incident investigations, focusing on root cause analysis and remediation efforts
Collaboration: Act as the technical liaison between Information Security and infrastructure teams to foster strong security practices and ensure the secure deployment of cloud applications
DLP management in an enterprise environment.
Work with malware and attack vectors and the ability to perform pattern analysis and discover root causes
Plan and scope security vulnerability assessments and penetration tests, familiar with assessment tools like Tenable and Qualys
Take ownership of analyzing and responding to security alerts from multiple sources within Ankura and determining possible causes of such incidents
To respond to incidents, perform real-time information security incident handling (e.g., forensic collections, intrusion correlation/tracking, threat analysis, and direct system remediation)
Responsible for monitoring emerging threat patterns, vulnerabilities, and anomalies and escalating any unknown threats to the Senior Management
Report appropriate operational issues to the Security Architecture team so that they may be resolved at an architecture level
Understand the latest cyber threat landscape and the company’s IT infrastructure.
Keeping up to date with attacker techniques and staying current on Information Technology (IT) security trends and news
Qualifications :
Bachelor’s Degree in a in Computer Science, Information Systems, Engineering or a related scientific or technical discipline
15+ years of experience working with a public cloud and on-prem infrastructure
Experience across multi-cloud environments (AWS, Azure, GCP)
Experience at admin level for O365 portals and Defender.
Experience with Microsoft operating systems and their security hardening.
Experience within EDR/MDR/XDR and Sysmon, as well as anti-virus, SIEM, general security analytics, and log sources.
Familiarity with Mac and Linux operating systems.
Familiarity with encryption, access management, transmission control and internet protocols (TCPs and IPs), and the CIA Triad (confidentiality, integrity, accessibility).
Strong understanding of malware, intrusion detection, and prevention systems.
Knowledge of networking protocols, switches, routers etc.
Knowledge of Firewalls cloud.
Knowledge of VMware.
Industry-specific technical knowledge, such as the use of specific analysis tools.
An understanding of information security frameworks and standards such as Cyber Essentials, NIST, and ISO 27001.
#LI-NT1#LI-RemoteAnkura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.Ankura Consulting Group, LLC is an independent global expert services and advisory firm that delivers services and end-to-end solutions to help clients at critical inflection points related to conflict, crisis, performance, risk, strategy, and transformation. The Ankura team consists of more than 1,800 professionals serving 3,000+ clients across 55 countries who are leaders in their respective fields and areas of expertise. Collaborative Lateral Thinking That Deliversᵀᴹ, hard-earned experience, expertise, and multidisciplinary capabilities drive results and Ankura is unrivalled in its ability to assist clients to Protect, Create, and Recover Valueᵀᴹ. For more information, please visit, ankura.com.