Cyber Security Advisory Consulting Manager - Chicago, United States - Aon

Aon

Verified Company

Chicago, United States

2 weeks ago

Posted by:

Mark Lane

beBee recruiter

Description

Aon is looking for a Cyber Security Advisory Consulting Manager - Defense and Transformation

This Defense and Transformation service line Manager role will be part of a cross-functional Proactive Security Services team that manages, implements, and delivers various Security Advisory engagements for our clients.

Aon's Cyber Security Advisory Consulting is client-facing management consulting function.

Our Proactive Advisory teams, within this business unit, specialize in the development and implementation of customized cybersecurity solutions for clients', in fee-for-service projects to mitigate risks and prepare companies in advance of a cyber incident.

Our Advisory services lines include Cybersecurity Organizational Design and Strategy; Risk and Compliance; Defense and Transformation; Resilience; Data Security and Privacy; and M&A/Private Equity.

As part of these service areas and within a shared resource model, your day-to-day contributions are focused on translating clients' cybersecurity requirements and customizing and implementing security solutions into specific guidance and insights to inform strategies, operations, and tactics.

Your delivery objective will be to identify and develop the security solutions for clients using your current knowledgebase and interpersonal skills along with our company products and technical tools to minimize security vulnerabilities and improve the effectiveness of appropriate security controls.

These project-based initiatives can involve working at customer sites, working from an Aon office, or remote/home.

Performance is typically measured by utilization (i.e., billable hours), role-based metrics, and the successful delivery of agreed solutions within budgeted hours.

The location is flexible. Your impact as a Cyber Security Advisory Consulting Manager

Responsibilities:

This role will be part of a multi-functional Proactive Security Services team that leads, carries out, and delivers various Security Advisory engagements for our clients.

The responsibilities of this position include but are not limited to the following:
Lead and manage delivery teams that conduct enterprise-level technical security assessments for various clients.
Performing blue teaming / purple teaming and technical security assessments against on premise and public/hybrid/private cloud environments.
Build and carry out Breach and Attack Simulations programs for clients to assess cyber defenses and provide improvement recommendations.
Enhance and scale traditional defensive security programs for clients against ransomware, APT, and insider threat scenarios.

Assess IT network and security architectures as they relate to managing identities and access privileges, delegated administration models, workflow and access control models.

Develop client security programs by reviewing existing programs; conducting comprehensive reviews of threats; evaluating and analyzing relevant data points.
Recommend strategies to defend against threats such as ransomware, nation-state attacks, and insider threat.
Lead engagements and support team members during client engagement execution, ensuring timely progress, achievement of objectives, and delivery quality.

Enhance team competence by answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.

Track emerging security practices and contribute to building internal processes. You Bring Knowledge and Expertise

Required Experience:

Strong technical fundamentals in either Security Operations, Red Teaming or Blue Teaming
Professional experience in a client-facing role performing service delivery. Comfortable with information gathering via interviews as well as presenting to technical and executive audiences.
2+ years substantive experience in a technical cyber security role (offensive and/or defensive)
2+ years substantive experience with two or more of the following over the course of career:
Building and/or maintaining attack simulation and C2 infrastructure
Implementing technical security assessments and attack surface analysis against on premise and public/hybrid/private cloud environments
Performing blue teaming/purple teaming, technical security assessments or penetration tests against on premise and public/hybrid/private cloud environments
Building and/or maintaining security operations program for large and complex environments
Hands-on experience red teaming/blue teaming for large complex environments
Providing security advisory services related to secure design and architecture, ransomware defenses, or post-breach remediation.
Familiarity with cybersecurity frameworks and standards such as NIST CSF, MITRE ATT&CK and CIS Critical Security Controls.
Strong oral and written communications skills. A demonstrated ability to write clear, coherent and precise reports on a multiplicity of complex technical issues is essential.

Preferred Experience:
Recent consulting experience with a mid