Ankura is a team of excellence founded on innovation and growth.

CAPABILITIES

An experienced people manager running small teams comfortable delegating and actively supporting the development of junior members of the team.Must have formal training and experience in delivering Threat Monitoring, Incident Response and Digital forensic along with Supervisory Capabilities.Must have hands-on experience to correlate and analyze information, raw logs, and complex data sets from a wide variety of enterprise technologies including but not limited to SIEM, UEBA, EDR, IDS, IPS, Proxy, Firewall, DLP, and other Threat intelligence tools and Telemetries for anomalous activity and items of interest.Must have the necessary experience to conduct initial triage and in depth analysis of security events and incidents; determine the priority, criticality, and impact; facilitate communication within the SOC, escalate to the client for containment and remediation, and document/journal progress throughout the Incident Response Lifecycle within the respective service level objectives.Required to have experience in conducting research analysis and data gathering requirements to present in a report format.Ability to develop and follow standard processes and complete documentation as needed.Must have experience with cyber incident related to BEC, Ransomware , Insider attack cases.Good to have Dark web monitoring, Vulnerability management experience.Must be flexible enough to work in a 24x7 rotational shift setup, including overnight, weekend, and national holidays.

TECHNICAL 

Minimum of a bachelor’s degree. Preferred degree digital forensics, engineering, computer science, information technology, data analytics, or work experience in Incident Response/DFIR in a Big4 consulting space Experience with forensic software: EnCase, Access Data Forensic Toolkit, Cellebrite , Linux-based forensic tools, Magnet Axiom,or similar forensic toolkitEmail Systems: Office 365, Microsoft Exchange, Lotus Notes/Domino, eVault, email archive platforms Experience working with non-Windows programs (such as Linux, Unix, Mac)Emerging SIEM such as MS Azure Sentinel, ELKThrough knowledge on EDR/XDR tools like CrowdStrike, Sentinel One, MS Defender. Threat hunting, Malware Analysis, Memory Analysis.

Understanding of KQL, Python, and/or other similar programming/query/scripting languages.

#LI-KJ1

EDUCATION, TRAINING & CERTIFICATIONS 

Preferred to have a degree in CS/IT or an along 9+ Year of relevant.Must have relevant entry-level or mid-level security certifications such as ECIH, CHFI

COMMUNICATION

Comfortable working in a remote work environment including web-based team management and collaboration applications, and time-keeping systemsAbility to communicate complex ideas effectively, both verbally and in writing in English and the local office language(s)Must be an active listener and ask questions of others when clarity is neededAbility to gain an understanding of client needs and apply analytic reasoningDemonstrates proactive engagement in meetings and process discussions

INDIVIDUAL & TEAMWORK 

Must be able to effortlessly switch between independent and team-based workUnderstands that the work product is dependent on team efforts and remains responsive to internal and external deadlinesAble to share expertise and experience with team members to encourage growth and shared successAble to maintain focus and attention to detail for sustained periods of timeEngaged in supporting the development and growth of all team members

GROWTH MINDSET

Can receive and provide feedback in a constructive manner that leads to the growth of self and others.Displays perseverance of effort and passion for a long-term goal and end state.Works well under timelines and puts in extra effort as required to meet timelines.Self-motivated to identify areas for team & process improvement and collaborate with others to develop creative solutions

LEADERSHIP TRAITS

Willing to adapt leadership skills to support larger and more complex projects.Work product for self and team is consistently of excellent quality and efficiency.Respectful and professional in all interactions with team members, clients, and colleagues.Maintains composure and calm disposition under high-pressure or stressful circumstances.

#LI-JK1

Ankura is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against based on disability. Equal Employment Opportunity Posters, if you have a disability and believe you need a reasonable accommodation to search for a job opening, submit an online application, or participate in an interview/assessment, please email accommodations@ankura.com or call toll-free +1.312-583-2122. This email and phone number are created exclusively to assist disabled job seekers whose disability prevents them from being able to apply online. Only messages left for this purpose will be returned. Messages left for other purposes, such as following up on an application or technical issues unrelated to a disability, will not receive a response.