Senior Associate, Cyber RiskJob ID 20000924 São Paulo, Brazil Apply now
Kroll, a division of Duff & Phelps and part of the Governance, Risk, Investigations and Disputes business unit, is the leading global provider of risk solutions. For more than 45 years, Kroll has helped clients make confident risk management decisions about people, assets, operations and security through a wide range of investigations, cyber security, due diligence and compliance, physical and operational security, and data and information management services.
Kroll’s Cyber Risk team works on over 2,000 cases a year, including some of the most complex and highest profile matters in the world. With experts based around the world, supported by ground-breaking technology, we help protect our client’s data, people, operations and reputation with innovative assessments, investigations and intelligence. We are the only company in the world with the expertise and resources to deliver global, end-to-end cyber risk management, supporting organizations through every step of their journey toward cyber resilience.
Clients count on us for quick and expert support in the event of and in preparation against a cyber incident; from incident response to risk assessments, and complex forensics to breach notification and ID theft remediation we help clients – of all sizes – respond with confidence.
The Senior Assoicate will perform complex technical assessments and auditing of our client’s information security programs to assess the maturity of an organization’s information security program and make recommendations for improvement.
- Interview business stakeholders and evaluating business processes
- Perform Security Assessments providing guidelines to improve security controls based on most common frameworks and best practices (ISO, NIST, Cobit, etc.)
- Act as an interim security responsible in client´s environments providing guidance to executive levels
- Take ownership of projects and deliverables
- Handle a broad range of business intelligence and investigatory projects and cases
- Conduct research and analysis through the use of in-house as well as external resources
- Produce accurate, high quality client reports
- Contribute to the development of new opportunities
- Bachelor’s degree required
- Excellent written and verbal communication skills
- Must have hands on experience with Security Standards (PCI, ISO, NIST, Cobit)
- Must have hands on experience with Privacy Legislation (GDPR/LGPD)
- Minimum 5 to 10 years in Information Securityls
- Must be familiar with Active Directory, GPO, WSUS, SCCM, NTFS, etc.
- Must be familiar with network concepts such as VLANs, ACLs, Routing, SNMP, etc.
- Must be familiar with WiFi technologies and WiFi security best practices
- Experience with Virtual environments such as VMWare or HyperV is a plus
- Experience with Security Information and Event Management (SIEM) solutions is a plus
- Experience with Data Loss Prevention (DLP) solutions is a plus
- Software development and Penetration Testing experience is a plus
- Travel up to 25% based on client needs
- Possess one or more cyber security or forensics related industry certifications, including, but not limited to, the following: CISSP, CISM, CRISC, CISA
- Ability to travel up to 25% as required to support response activities.
In order to be considered for a position at Duff & Phelps, you must formally apply via careers.duffandphelps.jobs
Duff & Phelps is committed to equal opportunity and diversity, and recruits people based on merit.
In order to be considered for a position at Kroll, you must formally apply via careers.kroll.com
Duff & Phelps is committed to providing equal opportunities in employment. We will not discriminate between applications for reason of gender, gender identity, race, religion, color, nationality, ethnic origin, sexual orientation, marital status, veteran status, age or disability.
- Senior Associate, Cyber Risk São Paulo, São Paulo
- Associate, Business Intelligence and Investigations Shanghai, Shanghai Municipality
- Associate Vice President, Business Intelligence and Investigations Shanghai, Shanghai Municipality
- Senior Vice President, Cyber Risk Hong Kong, Central and Western District
By entering your city, state and zip we can better target communications to your location.