Introduction
The Associate Consultant role is a full-time employment opportunity for recent graduates of BS or MS programs, typically in areas of study related to digital forensics, incident response, cybersecurity, information security, etc., as well as new veterans with applicable skills, seeking to enter the world of consulting. At the start of the program, you will benefit from in-house training covering different types of Unit 42 DFIR investigations, and gain an understanding of the methodologies involved. This will be followed by opportunities to shadow client engagements and receive mentorship to further develop your technical skills, as well as consulting skills, from experienced incident response consultants. Thereafter, you will support investigations by performing tasks at levels of increasing complexity on your path towards earning a promotion to Consultant.
Your Impact
- Act as a key member of our team, learning to lead audits, risk assessments, and other engagement-related duties in accordance with industry regulations, standards, and company policies and procedures for assurance and continuous improvement of controls
- Support client engagements related to matters such as ransomware readiness assessments, cyber risk assessments, cloud security assessments, and incident response tabletop exercises
- Proactively identify security risks and vulnerabilities while eliminating cybersecurity threats
- Leverage Unit 42 custom tools and third-party forensic suites to conduct digital investigations.
- Interact with prospects and clients by assisting with completing security questionnaires, assessments, and audits
- Effectively write and communicate audit, assessment, or compliance engagement reports and provide recommendations to client management
- Travel to Unit 42 offices and client sites as needed to meet business demands (estimated up to 20%).
Your Experience
- Bachelors or Masters degree earned recently or anticipated to be earned within the next 12 months, in a related field such as information security, computer science, or cybersecurity; OR relevant military experience
- Passion and enthusiasm for cyber security, technology, and cyber risk management
- Deep knowledge of risk management and/or compliance frameworks, such as NIST 800-53, NIST CSF, CIS Critical Security Controls, ISO 27000 series, HIPAA, and PCI DSS
- Experience with GRC tools, technology, and implementation
- Experience with Application Security Audits and Risk Scoring
- Ability to understand technical concepts and to articulate these topics clearly, regardless of technical aptitude
- Ability to adapt quickly to and operate within a fast-paced environment, managing multiple priorities
- Familiarity or proficiency with scripting and/or programming is not required, but is desired
- Strong communication and writing skills, with a keen eye for detail
- Professional demeanor and ability to communicate in an executive-friendly style
- Ability to meet stringent client deadlines and take accountability for projects through delivery
- Self-starter / proactive work mentality … you should be able to manage your own time and prioritize competing objectives appropriately
- You must have authorization to work within the United States
Our Commitment
The compensation offered for this position will depend on qualifications, experience, and work location. For candidates who receive an offer at the posted level, the starting base salary (for non-sales roles) or base salary + commission target (for sales/commissioned roles) is expected to be $103,000/yr. The offered compensation may also include restricted stock units and a bonus. A description of our employee benefits may be found here.
