Manager - Cybersecurity Investigations
StoneTurn Group
- Boston, MA
- Permanent
- Full-time
- Demonstrate a strong understanding of supporting global engagements on a variety of cybersecurity investigation matters.
- Lead investigations, incident response (IR), and Cyber Threat Intelligence (CTI) engagements.
- Oversee and lead incident response (IR) matters that help clients detect, eradicate, contain, and recover from a data breach.
- Facilitate and lead client and team meetings to document client objectives and requirements, while driving consensus and determining the best solutions.
- Create client deliverables and present investigative results to clients verbally or in written form.
- Integrate and cross-market with other StoneTurn practice areas to deliver coordinated services on investigation, compliance and monitoring and expert witness matters.
- Mentor and develop team members, including Senior Consultants and Consultants, to ensure the highest quality execution of client objectives and deliverables.
- Demonstrate professionalism and foster a collaborative environment through a positive and cooperative attitude, and maintain the confidential nature of client relationships and work product.
- Assist the Cyber Security Partner to grow the practice, including the identification and execution of business development and recruitment opportunities.
- Assist with RFPs and proposals on opportunities, including budget preparation.
- B.S. in computer science or a related field.
- 6+ years digital forensic, incident response, and investigative experience; 2 years of management and supervisory experience.
- Expertise in using various security tools and technologies, such as SIEM platforms, forensic analysis tools, network intrusion detection systems (IDS/IPS), and endpoint security solutions.
- Prior specialized experience in managing successful cyber investigations, threat detection and incidents within professional services or consulting, spanning computer intrusion, ransomware, and national security issues, including interviewing persons of interest.
- Experience working with legal teams, law firms, or law enforcement agencies.
- One or more (preferred) Cyber Security Certifications including CISSP, one or more SANS GIAC, CISM, CISA, CEH.
- Functional knowledge in detecting, analyzing, and mitigating cyber threat actor activity.
- Ability to structure and perform technical projects, manage client expectations and foster effective relationships.
- Excellent interpersonal, prioritization and communication skills.
- Flexibility with the potential travel requirements related to client engagements and firm matters.
- Experience working in regulated industries such as finance, healthcare, or government.
- Demonstrable experience in threat detection and mitigation involving platforms like EDR, OSINT, Log Analytics, Network, and Cloud.
- Prior law enforcement or related US government experience such as Air Force OSI, NCIS, NSA, or FBI Cyber, including multi-agency investigative work (DOJ/FBI, etc.).
- Coding and/or scripting abilities for task automation and/or threat actor attack recognition.
- Industry experience in any of the following: Financial Services, Energy, Biopharma, Technology, Healthcare.
- Expert or fact witness testimony experience.
- Knowledge of cloud security principles and practices, particularly in AWS, Azure, or GCP environments.
- Previous experience supporting or leading incident response exercises, tabletop simulations, or red team/blue team engagements.