Skip to main content

SEARCH JOBS

OR Match jobs with LinkedIn

Any information we receive from LinkedIn is determined by LinkedIn and your privacy settings thereon. Duff & Phelps is not responsible for the privacy practices of any non-D&P operated websites. We will process any data we receive in accordance with our privacy policy.

OK

Senior Associate, Cyber Risk

Los Angeles, California

Success Profile

What makes a successful Cyber Security employee at Duff & Phelps? Check out the traits we’re looking for and see if you have the right mix.

  • Analytical
  • Communicator
  • Independent
  • Insightful
  • Relationship expertise
  • Technologically inquisitive

Back to Job Navigation (Success)

Career Path

Duff & Phelps offers many career paths to support your immediate and future success.

  • Intern leads to Associate, Cyber Risk
  • Associate, Cyber Risk leads to Senior Associate, Cyber Risk
  • Senior Associate, Cyber Risk leads to Vice President, Cyber Risk
  • Vice President, Cyber Risk leads to Senior Vice President, Cyber Risk
  • Senior Vice President, Cyber Risk leads to Associate Managing Director, Cyber Risk
  • Associate Managing Director, Cyber Risk ends this path

Back to Job Navigation (Career Path)

Employee Testimonials

Goh Siong Por
Personal improvement and growth are taken seriously here. The flexibility to work on both proactive and reactive cyber security engagements has greatly expanded my exposure and abilities in serving our clients.

Goh Siong Por

Vice President, APAC Cyber Risk, Singapore
Bill Anderson
At Kroll Cyber Risk, I find the collaboration and real sense of teamwork very inspiring. Personal egos are not encouraged! Communication with senior management is also straightforward and responsive. An excellent working environment.

Bill Anderson

Vice President, APAC Cyber Risk, Singapore
David Klopp
Opportunities for new cyber challenges, knowledge, and career growth are plentiful here. Not only is your success supported through regular professional training, the entire global team also contributes to information sharing via collaboration tools and weekly group presentations. We truly work as a global team and no one ever hesitates to step up and help.

David Klopp

AMD, Cyber Risk, Singapore
Rick Li
At Kroll you have the opportunity to learn different aspects of cyber security allowing you to develop a set of skills beneficial to your career growth and development. Kroll invests in cyber security and each employee can receive sponsorship for cyber training. In addition, they encourage a work life balance allowing you to do different things for yourself and the team.

Rick Li

Senior Associate, Cyber Risk, Hong Kong
Mark Farley
The Kroll Cyber team has a great culture. Everyone is down to earth and willing to help each other out. There are no big egos to contend with, which makes for a vibrant and collaborative working environment. One of the significant differences between Kroll Cyber and other places I have worked is how easy it is to work across international teams. There are no bureaucratic processes; all it takes is a quick conversation to organise logistics.

Mark Farley

Senior Vice President, EMEA Cyber Risk, London
Hassan Mahmud
Working for the group is awesome, from the amazing culture to a diverse range of projects undertaken. The benefits of being in a global team and collaborative knowledge sharing is unparalleled compared to competitors. Everyday can be different, however it typically consists of helping clients improve their cyber security, constant learning and problem solving.

Hassan Mahmud

Associate, EMEA Cyber Risk, London
Ben Hawkins
One of the things I appreciate most from being at this company is the feeling of support. Whether that be helping to develop my work product, ensuring I receive sufficient training, or affording me flexibility when life demands it, I always have the sense that Kroll has my back, and that is a valuable thing indeed.

Ben Hawkins

Senior Managing Consultant, EMEA Cyber Risk, London

Benefits

  • Professional Development

    Ongoing training and development opportunities at all levels of the firm through programs such as Duff & Phelps University, The Promote Program and Network of Women.

  • Global Presence

    As a global firm, our benefits vary by country.

  • Collaboration

    Be part of a flexible and diverse team that encourages and supports your personal and professional growth.

Back to Job Navigation (Rewards)

Description

Job ID 20001455 Los Angeles, California Apply now

Kroll, a division of Duff & Phelps and part of the Governance, Risk, Investigations and Disputes business unit, is the leading global provider of risk solutions. For more than 45 years, Kroll has helped clients make confident risk management decisions about people, assets, operations and security through a wide range of investigations, cyber security, due diligence and compliance, physical and operational security, and data and information management services. 

 

Kroll’s Cyber Risk team works on thousands of cybersecurity related incidents and engagements a year, including some of the most complex and highest profile matters in the world. With experts based around the world, supported by ground-breaking technology, we can help protect our client’s data, people, operations and reputation with innovative investigations, response and proactive assessments.

 

Our clients also count on us for rapid, expert support in the event of a cyber incident or attack; we help clients of all sizes respond to incidents and restore stability through deep incident response, investigations, and digital forensics services as well as through eDiscovery, breach notification, identity monitoring and restoration services for individuals affected by a data breach. 


This position is remote.


RESPONSIBILITIES:

We are looking for bright, motivated, and inquisitive minds to join our Kroll Responder 24x7 monitoring and response team who are experienced in and passionate about modern cyber threat hunting and active response.  Our Senior Associates use leading endpoint detection and response tools to rapidly identify, investigate, and respond to threats and threat actors impacting systems and networks around the globe every day.

  • Perform ongoing threat hunting, analysis, containment, and remediation of threats identified through advanced endpoint detection and response (EDR), endpoint prevention (EPP), SIEM, and related security tools.
  • Collect and review relevant forensic artifacts to identify root cause and understand nature of threats.
  • Develop and communicate written and verbal threat reports associated with events to customers.
  • Assist in ongoing research, development, and testing of enhanced threat detection and response tools, techniques, and indicators.
  • Support incident engagement teams with active intrusion detection and response tasks.
  • Conduct threat research, forensic analysis, and basic malware analysis of threats.
  • Actively participate in related client meetings and teleconferences.
  • Assist clients with questions regarding threat detections, EDR tools, deployment, and maintenance.
REQUIREMENTS:
  • Bachelor’s degree or higher in Computer Science, Cyber Security, Computer Engineering, or similar technical degree.
  • Minimum 3 years’ experience in threat hunting, detection, and response or equivalent experience.
  • Ability to respond rapidly, multi-task, and communicate effectively both verbally and in writing with customers, team members, and engagement managers.
  • Highly motivated, tenacious, assertive problem solver with a desire to analyze root cause and reach effective conclusions to active intrusions and incidents on an ongoing basis both individually and as part of larger response teams.
  • Solid understanding of Windows operating system fundamentals, architecture (File System, registry, processes, binaries, DLL’s, etc.) and administration concepts.  Similar understanding of MacOS and/or Linux a plus.
  • Prior experience actively using endpoint threat detection and response (EDR) products to investigate threats such as VMWare Carbon Black, Windows Defender ATP, Crowdstrike Falcon, Sentinel One, Trend Micro XDR, Tanium, or others.
  • Understanding of common threat actor techniques, malware behavior and persistence mechanisms.
  • Working knowledge of various scripting languages and tools (PowerShell, Python, VB, Yara)
  • Working knowledge of TCP/IP and related networking concepts.
  • Prior experience using Splunk or other SIEM solutions, intrusion detection solutions, or related security products.
  • Relevant cyber security certifications including CISSP, GCIA, GCIH, GCFA, GMON, or GREM a plus.
  • Excellent written and verbal communication skills
  • Availability for occasional after-hours, weekends, and/or holiday work in response to active incidents.
  • Must be a US citizen or a green card holder


Apply now