WHO YOU'LL WORK WITH
You will be based in our Waltham, MA office as part of the Security Operations Center. You will work in collaboration with fellow security analysts, engineers and other IT security specialists.
The Security Operations Center (SOC) is McKinsey and Company's internal security monitoring, detection and response organization, tasked with detecting and responding to threats on the McKinsey and Company network. The SOC is a 24/7 organization with teams in different geographical zones to ensure continuous operations and coverage of security monitoring, detection and response.
WHAT YOU'LL DO
You will lead the Security Operations Center's daily threat hunting operations and contribute significantly to the strategic direction of the threat hunt team.
In this role, you'll develop new, and improve existing, threat hunt processes. You'll collaborate with security engineers to create use cases and correlation alerts in the SIEM for continuous security monitoring. You'll write both technical and executive threat hunt reports, and identify and highlight the risks and gaps uncovered by the hunts. You will participate in threat hunting operations using threat intelligence, analysis of anomalous log data and the results of brainstorming sessions to detect and mitigate threat actors on the network. You will develop advanced methodologies to identify threat actor groups and their associated tools, techniques and procedures. You will produce metrics and develop dashboards to surface potential threats, suspicious or anomalous activity, malware and similar indicators.
You will consult with and inform technology teams on the tuning of detection infrastructure to identify emerging threats. You will support the Cyber Security Operations Center and other internal teams by applying analytic and technical skills to investigate intrusions and identify malicious activity and potential insider threats. You will provide guidance on, or lead, the development of ongoing information security risk reporting: monitoring key trends and defining metrics to regularly measure the effectiveness and output of hunts.
You will proactively review internal processes and activities and identify opportunities for improvement. You will also mentor other threat hunt analysts.