Sia Partners is an independent management & operational strategy consulting company. Through unparalleled industry expertise, Sia Partners delivers superior value and tangible results to its clients.
Sia Partners has now more than 850 consultants and projected revenues of 140 million euros (2016/2017). The Group has an international presence with 20 offices, the United States representing its second largest market with almost 10% of the revenue.
Cyber Security and IT Risk Analyst-Consultant
The Cyber Security and IT Risk Analyst performs Cyber and IT Risk assessments, makes recommendations and implements steps to combat and identify cyber threats. S/he will conduct research and evaluate technical and all-source intelligence–with specific emphasis on network operations and cyber tactics, techniques, and procedures–focusing on the threat to networked weapons platforms and information networks.
The Analyst will correlate threat data from various sources and analyze network events to establish the identity and modus operandi of malicious users active in networks or posing potential threats to networks. S/he will work closely with other technical, forensic and incident management personnel to develop a fuller understanding of the intent, objectives and activity of cyber threat actors.
- Understands the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and balance this with risk investments.
- Understands “voice of the customer” and develops mechanisms to proactively sense adoption and usage patterns of consumer technologies by end users so that policy can align with need.
- Coordinates with technology and business groups to assess, implement, and monitor IT-related security risks/hazards.
- Prepares assessments and cyber threat profiles of current events based on the sophisticated collection, research and analysis of classified and open source information.
- Produces high-quality papers, presentations, recommendations, and findings for Senior Level Management and Enterprise Technology Leaders.
- Provides briefings and presentations to customer leadership supporting Information Security and Network Operations decision making.
- Requires specialized depth and/or breadth of IT Risk expertise.
- Interprets internal or external business issues and recommends best practices.
- Collaborates with others to solve complex problems; uses sophisticated analytical thought to exercise judgment and identify innovative solutions.
- Works independently, with guidance in only the most complex situations.
- Understand and utilize physical components, types of networks/operating systems/databases, protocols, and topologies.
- Must be well versed in the techniques that actors utilize to attack an organization and understand how to pull information from large data sets and how to structure information for reuse.
- Knowledge of collection and analysis methods as well as knowledge in multiple tools (e.g. Penetration Testing), mostly targeted to data correlation and technical areas.
- Interprets IT Risk business challenges, identifies trends and recommends best practices.
- Able to articulate complex Cyber Threats to non-technical business leaders.
- Excellent verbal and written communication skills.
- Ability to train IT security concepts.
- Strong problem solving and analytical skills.
Leadership, Decision Making and Communication Requirements:
- Works independently and with minimal direction to identify emerging threats to network environments.
- Ability to react to high pressure dynamic changing environments.
- Team oriented, with the ability to work with diverse personnel within the intelligence capability.
- Makes decisions that have cross-functional impact.
- Understand how to turn requirements for intelligence into collection requirements, collect, prioritize, and store information from multiple intelligence disciplines.
- Communicates complex ideas; persuades and negotiates with others, often at senior levels, to adopt a different point of view.
- Have the ability to explain and defend the assessments and recommendations that are made.
- Collaborates with others to solve complex problems; uses sophisticated analytical thought and education and/or equivalent experience to exercise judgment and identify innovative solutions.
- Critical thinking: Demonstrates the ability to define the problem, apply root cause analysis on Cyber Security controls and propose recommended courses of action.
- 4-10 years’ experience in Information Technology Security or Risk from an IT Audit or IT Risk consulting background.
- Ideally a BA/BS in Information Technology Security, Cyber Intelligence or similar discipline.
- Advanced degree in the aforementioned academic areas of focus is a plus.
- Academic and educational requirements can be substituted for Military or Governmental Agency Intelligence positions. This will based upon Rank, Time in Service, and Military Occupational Specialties (MOS). Positions include Information Operations, Intelligence, Cyber Warfare, Network Defense, Electronic Site Exploitation, or equivalent responsibilities.
- Professional accreditations such as CISA are a plus.
All your information will be kept confidential according to EEO guidelines.