Pro- Active/Enhanced Security Testing Partner with colleagues to expand controlled penetration testing technologies and capabilities on networks, applications, and systems to identify security vulnerabilities. Investigate and keep up to date with changes in tooling and advanced attacks in network, cloud and application testing. Analyze and interpret results to identify potential risk as well as evaluate potential impact. Red Team, Blue Team, Purple team exercise leadership experience. Professional Development and Innovation Stay informed about emerging trends and technologies in cybersecurity. Drive collaboration and defensive standards/expertise across Bain, working with other security team members, IT departments, and relevant business units to address security concerns and enhance overall security posture. Explore Professional Certifications and work with leadership to plan trainings. Knowledge, Skills, and Abilities Security Monitoring & Incident Detection and Response Strong knowledge of Splunk (or other SIEM tools),CrowdStrike or equivalent EDR/MDR platforms, Windows Defender, Palo Alto Networks, Other AV/EDR tool configuration, Cyberhaven (or other DLP tools) Knowledge of Vulnerability & Attack Surface Management toolsets, Threat Intelligence and Analysis tools, Vendor technical Risk Scoring tools, Deception technologies Knowledge of ticketing, triage and forensics capabilities and toolsets General Skills Great communication skills, with the ability to document and explain technical information clearly. Analytical mindset, with a focus on learning and problem-solving. Ability to work independently and well in a team, showing strong interpersonal skills. Eagerness to learn and adapt to new challenges in cybersecurity. Entrepreneurial spirit, open to trying new approaches and learning from them. Team Management Drive and expand the training and professional development of Security Operations staff. Qualification and Experience Bachelors degree in a related field (e.g., Computer Science, Cybersecurity, Information Technology) or an equivalent combination of education, training, and experience 10-15 years of relevant experience Experience with Information Security technologies (Firewall, IPS, IDS, SIEM, EDR, CASB, AV, DLP, etc.) Experience with common information security controls frameworks (i.e. ISO, NIST, CIS, or CSA) Global company or equivalent Experience deploying systems or applications Ability to work independently and with teams on complex problems Complex problem solving Ability to work in a fast paced, dynamic environment.
