Senior Security Analyst

Job Description

Who You'll Work With You are someone who thrives in a high-performance environment, bringing a growth mindset and entrepreneurial spirit to tackle meaningful challenges that have a real impact. In return for your drive, determination, and curiosity, we’ll provide the resources, mentorship, and opportunities to help you quickly broaden your expertise, grow into a well-rounded professional, and contribute to work that truly makes a difference. When you join us, you will have Continuous learning Our learning and apprenticeship culture, backed by structured programs, is all about helping you grow while creating an environment where feedback is clear, actionable, and focused on your development. The real magic happens when you take the input from others to heart and embrace the fast-paced learning experience, owning your journey. A voice that matters From day one, we value your ideas and contributions. You’ll make a tangible impact by offering innovative ideas and practical solutions. We not only encourage diverse perspectives, but they are critical in driving us toward the best possible outcomes. Global community With colleagues across 65+ countries and over 100 different nationalities, our firm’s diversity fuels creativity and helps us come up with the best solutions. Plus, you’ll have the opportunity to learn from exceptional colleagues with diverse backgrounds and experiences. Exceptional benefits In addition to a competitive salary (based on your location, experience, and skills), we offer a comprehensive benefits package, including medical, dental, mental health, and vision coverage for you, your spouse/partner, and children. Your Impact You will Perform security monitoring, investigations, and analysis of events to thwart internal and external threats to the environment Review alerts from internal Security Information and Event Management (SIEM) tools as well as Managed Security Service Providers (MSSP) requiring log correlation, log analysis, determining malicious behavior, vetting of false positives, remediating system misconfigurations, tracking system state changes, and other information across multiple systems. Analytic processes and outputs will be required to support forensic reconstruction as needed Conduct forensic analysis on a multitude of security tools within heterogeneous environments and understand extent, type, and vector of the attack Conduct security monitoring activities to provide security in depth visibility into potential known and unknown threats that may pose risk to the McKinsey’s environment Contribute to security incident response by acting as a technical Subject Matter Expert and by helping to manage the incident response process Collaborate and serve as liaison to Managed and/or Unmanaged Security Service providers Conduct system management activities for cyber security incident response technologies including network logging and forensics, security information and event management tools, security analytics platforms, log search technologies, and host-based forensics as applicable Contain, eradicate, and recover from cyberattacks, including meeting/stopping threat adversaries Track and detect vulnerabilities in cloud operating models, identify areas that need immediate attention, and apply the right skills to highlight and mitigate the impact Coordinate across business units and both technical and non-technical functions to contain breaches and collect artifacts to support learning Your Qualifications and Skills Bachelor degree in an information technology discipline or equivalent IT experience required Relevant IT security certifications including CISSP, CISM, CRISC, CEH or SANS certs are expected Extensive experience (3+ years) in information security operations and/or related IT operational functions Demonstrable background in security products and technologies, security engineering, networking protocols, security analysis, network and endpoint forensics, and investigations Expert level understanding of the cyber kill chain, pervasive threat attack methods, and remediation Is familiar with public cloud architectures & operating models. Must have familiarity with cloud resources & log formats (i.e. cloud trail logs) Ability to script or program repeatable security monitoring and analysis tasks Ability to analyze network packets and log data Strong knowledge about network protocols, certifications in the area such as CCNA, is preferred Knowledge about multiple operating systems across Windows and Unix domain Ability to multi-task, prioritize, coordinate, work well under pressure and meet deadlines. Demonstrated willingness and ability to work across teams (technical and non-technical) in a “problem-solving” fashion to perform root cause analysis and offer perspectives on potential approaches to remediation