Security Operations Specialist - New Ventures Technology
- Bachelor's degree in an information technology discipline
- 5+ years of experience in information security operations for cloud environments and/or related IT operational functions
- Relevant IT or security certifications including CISSP, CISM, CRISC, CEH or SANS certs
- Demonstrable background in security products and technologies, security engineering, networking protocols, and security analysis and investigations
- Expert level understanding of malware kill chain and pervasive threat attack methods and remediation
- Ability to multi-task, prioritize, coordinate, work well under pressure and meet deadlines
- Expert knowledge of incident response processes (detection, triage, incident analysis, remediation and reporting).
- Demonstrable ability to analyze network packets and log data
- Experience with Splunk, Wireshark or other analytics tools a plus
- Experience with managing security for AWS or Azure cloud environments
- Experience with cloud security and monitoring tooling such as Security Monkey, Evident, or New Relic is a plus
- Experience with managing application security is a plus
- Programming experience in scripting languages such as Windows PowerShell, Python, or Perl is a plus
- Interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to both technical and non-technical audiences
- Excellent written and verbal communication skills in English
Who You'll Work With
You'll work in our San Jose, Costa Rica office as part of our New Ventures Technology Team. You will be supporting the applications and cloud infrastructure delivering software solutions to McKinsey external clients.
The Cloud Security Operations (CSO) group is a part of the New Venture Technology Office Security team. This group offers clients flexible, interactive access to some of McKinsey's most distinctive proprietary knowledge. The support will entail all aspects of security-relevant administration, monitoring and reporting.
Our goal is to provide the right expertise, tools, and frameworks to reduce the complexity of studies and enable consultants to successfully address the challenges they face.
New Ventures fosters innovation driven by analytics, design thinking, mobile and social by developing new products/services and integrating them into our client work. It is helping to shift our model toward asset-based consulting and is a foundation for – and expands our investment in – our entrepreneurial culture. Through innovative software-as-a-service solutions, strategic acquisitions, and a vibrant ecosystem of alliances, we are redefining what it means to work with McKinsey.
As one of the fastest-growing parts of our firm, New Ventures has more than 1,000 dedicated professionals (including more than 800 analysts and data scientists) and we're hiring more mathematicians, data scientists, designers, software engineers, product managers, client development managers and general managers.
What You'll Do
You will identify potential risks and develop achievable and effective strategies to govern rapid response functions.
You will become a security champion for New Ventures and will ensure security risks are addressed and corrected in a timely manner. You will review security incidents created from security monitoring tooling and dashboards, perform log correlation and analysis, and determine malicious software behavior. You will vet false positives, remediate system misconfigurations and track system state changes.
You will act as technical subject matter expert during security incidents. You will be responsible for implementing, monitoring and conducting forensic analysis on a multitude of security tools within heterogeneous environments in support of Security Monitoring, Forensics and Threat Intelligence. You will build out the cloud SIEM policy and security events catalog, detailing security events for the cloud environments.
You'll have the opportunity to develop and manage ongoing CSO training for analysts, providing on-the-job support and coaching. You will collaborate with the Infosec Incident Response Team to support detection, triage, analysis, containment, remediation and reporting of events/incidents. You will do this while balancing business priorities, emerging and actual threats and best practices to ensure the confidentiality, integrity and availability of information assets.
You'll conduct operations surrounding cyber security incident response technologies including network logging and forensics, security information and event management tools, security analytics platforms, log search technologies, and host-based forensics. You will handle virus outbreak scenarios by analyzing the impact and by following up with operational teams and/or vendors to get rapid releases for workstations/servers.
You'll prepare reports that document security breaches and the extent of the damage caused. You will identify key cyber threat issues through a variety of intelligence resources and proactively advise on remediation processes. Additionally, you will advise on tactical and strategic methodologies to proactively thwart cyber security incidents. You will produce technical and non-technical high-quality presentations, recommendations and findings for applicable stakeholders.
You'll have the opportunity to establish a repeatable process for the forensic support environment (i.e. recovering deleted files, reconstructing internet history, using search techniques, analyzing metadata, carving unallocated clusters, analyzing registry files, imaging files from servers and RAID arrays, and similar forensic techniques). You will provide knowledge of computer evidence and forensics application tools. You will conduct digital investigations including incident handling and response, network and computer forensics, and malware and memory analysis.