Over the last 20 years, Ares’ success has been driven by our people and our culture. Today, our team is guided by our core values – Collaborative, Responsible, Entrepreneurial, Self-Aware, Trustworthy – and our purpose to be a catalyst for shared prosperity and a better future. Through our recruitment, career development and employee-focused programming, we are committed to fostering a welcoming and inclusive work environment where high-performance talent of diverse backgrounds, experiences, and perspectives can build careers within this exciting and growing industry.
Job Description
The Senior Associate - Level 3 Analyst (Forensics and Incident Response) is responsible for leading activities related to monitoring, investigating, and responding to security events. The Cybersecurity Operations Senior Associate - Level 3 Analyst (Forensics and Incident Response) within the SOC Team works with multiple technology platforms and interfaces with other groups within Security Operations, Cybersecurity, IT Operations, IT Security Architecture, IT Security Engineering, global partners, and other technology and business functions. The SOC team is part of the larger cybersecurity team, which falls under the IT team; the IT team consists of over 200 team members globally and is responsible for the firm’s technology landscape.
The ideal candidate will be passionate about information security operations, incident response (IR), and forensic investigations. This position will join our security operations center (SOC) team. The ideal candidate will have a strong background in evaluating and responding to ticketed events and incidents, in security operations holistically, and in incident response. Additionally, the role requires an understanding of the threat landscape, including familiarity with recent threats and adversarial techniques, as well as the ability to quickly understand complex environments.
Bilingual proficiency in Portuguese and English is preferred for this role, but not required.
This is an exciting opportunity on a growing team that is investing in its people, process, and technology. The ideal candidate will have experience in the above areas, and a demonstrated ability and willingness to work well with stakeholders from diverse backgrounds. If you are a candidate looking to be part of a dynamic team that continuously challenges itself, is committed to learning and improving, and is passionate about cybersecurity, then this could be the right opportunity for you!
Location: New York Only
Primary Functions And Essential Responsibilities
- Detects, identifies, investigates, and responds to cybersecurity events, threats, security risks, and vulnerabilities in line with cyber security policies and procedures
- When necessary, leads and coordinates incident response activities, engaging stakeholders and relevant security teams outside of the SOC to effectively investigate and neutralize a security incident
- Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention)
- Experience working with SOAR that automates repetitive tasks and drives efficiencies allowing analysts to work on more advanced tasks
- Communicates with stakeholders and leadership to provide timely and accurate updates on the progress of the Incident response effort
- Identifies, documents, and blocks TTPs, IOCs, and other artifacts during incident response
- Authors content using query languages and scripting for event enrichment and efficient investigation
- Develops procedures and documentation to support incident response and forensic investigation standard operating procedures
- Contributes to the maintenance and optimization of the organization's incident response plan
- Creates detailed timelines and incident post mortem documentation following investigations
- Creates, evaluates, and updates SOC runbooks, playbooks, and procedures as appropriate
- Conducts threat hunting and analysis using various toolsets based on hypothesis and intelligence
- Partner with the security engineering and platform engineering teams to optimize operations
- Support a program for continuous security controls testing and validation
- Participate in Purple and Blue teaming activities
- Campaign analysis: when warranted, investigates and identifies trends and connections between attacks/tickets
- Mentors junior team members by example and through effective communication via one on one meetings, coaching, informational instruction, or other methods as required
- Works on metrics and scorecards to measure risk to the organization, as well as the effectiveness and efficiency of SOC associates
- Perform other duties as planned and communicated by leadership
Qualifications
Education:
- Bachelor’s degree or equivalent relevant work experience in Computer Science, Information Technology, Business, Intelligence, or Security Operations
- Professional Certifications such as CISSP, CISM, CEH, GCIH, GCIA, GSOC a plus, but are not required
Experience Required
- 6+ years of experience in Cybersecurity, or with a reputable Service / consulting firm offering security operations consulting or equivalent experience
- Demonstrated proficiency in IR and forensic response using a variety of toolsets
- Experience in scripting languages such as PowerShell or Python
- Experience in SOAR (Security Orchestration Automation Response) platform preferred
- Experience with one or more Security Information and Event Management (SIEM) solutions
- Experience with one or more Endpoint Detection and Response (EDR) Solution
- Experience with one or more cloud environments
- Experience as a leader, mentor, and trainer of team members
Skills
- Excellent communication skills with the ability to influence other teams
- Good understanding of the offensive and defensive side of security
- Driving measurable improvement in monitoring and response capabilities at scale
- Strong team player - collaborates well with others to solve problems and actively incorporates input from various sources
- Analytical and problem-solving mindset with demonstrated effective decision-making skills
- Works calmly under pressure and with tight deadlines
- Track record of successful personnel management
- Is proactive and highly trustworthy; leads by example
- Critical thinking
General Requirements
- Candidate should be able to work from Ares Office located in New York in a hybrid work environment
- Experience should demonstrate a sharp security mindset, initiative to solve problems, and teamwork
- Elevated level of personal integrity, honesty, and character
- Proficient in operational security and demonstrates good judgement
- Strong understanding of IR, forensic investigation, and defensive security
- Keen sense of ownership, accountability, curiosity, and independent thinking
- Comfort in dealing with ambiguity, stress, and uncertainty in a dynamic environment
- Well-developed analytic and critical thinking skills, and demonstrated problem-solving and decision-making skills
- Experience in security monitoring, Incident Response (IR), and security tools configuration and tuning
- Knowledge of cyber security frameworks and attack methodologies
- Experience with EDR, email defense, and other security operations tools
- Inquisitive and committed to continued improvement/learning
- Ability to be flexible in terms of hours and to coordinate effectively with team members across time zones
- Excellent communication (written, verbal, presentation, documentation) and client service skills
- Capable of interacting and coordinating with stakeholders to drive project/task/support engagement
- Ability to interact effectively at all levels with sensitivity to cultural diversity
- Ability to adapt to needs of the organization and team as the external environment and organization evolves
- Proficiency in Portuguese, both written (business) and oral, is a plus but not mandatory
Reporting Relationships
Compensation
The anticipated base salary range for this position is listed below. Total compensation may also include a discretionary performance-based bonus. Note, the range takes into account a broad spectrum of qualifications, including, but not limited to, years of relevant work experience, education, and other relevant qualifications specific to the role.
$150,000 to $170,000
The firm also offers robust benefits offerings. Ares U.S. Core Benefits include comprehensive Medical/Rx, Dental and Vision plans; a 401(k) program with company match; Flexible Savings Accounts (FSA); Healthcare Savings Accounts (HSA) with company contribution; Basic and Voluntary Life Insurance; Long-Term Disability (LTD) and Short-Term Disability (STD) insurance; an Employee Assistance Program (EAP); and a Commuter Benefits plan for parking and transit.
Ares offers a number of additional benefits, including access to a world-class medical advisory team, a mental health app that includes coaching, therapy and psychiatry, a mindfulness and wellbeing app, a financial wellness benefit that includes access to a financial advisor, new parent leave, reproductive and adoption assistance, emergency backup care, a matching gift program, an education sponsorship program, and much more.
There is no set deadline to apply for this job opportunity. Applications will be accepted on an ongoing basis until the search is no longer active.