Cyber Strategy Associate

RSM

RSM US LLP is the leading U.S. provider of assurance, tax and consulting services focused on the middle market.

View company page

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.

We are currently looking fortechnicalConsultants for our Security,Privacyand RiskConsulting(SPR)practice.The candidate will work with teams of security and privacy staff in a wide variety of systemsenvironments. Our SPRConsultingteam serves the Information Security and Data Privacy related needs of our clients. This teamassistsclients with selecting, improving, controlling, securing,managingandmonitoringtheappropriate systemsto address their information needs.We serve a diverse base of clients in a variety of industries, and understanding how technologyimpactsthe operation and growth of organizations is what we do best.

As a Consulting Associate, you will jump start your career through a comprehensive training and development program where you will be exposed to all our Consulting Solution Practices. This training will include:

Consulting process,toolsand methods

Presentation and business writing skills

Time management and project delivery

Examples of candidate's responsibilities include:

Assess security of client networks, hosts, and applications

Determinetechnical, business impact and likelihood of identified security issues andprovideremediation guidance to clients

Perform analysis and testing to verify the strengths and weaknesses of mobile and web applications and web services (SOAP, WSDL, UDDI)

Perform Internet penetration testing usingblackboxandwhiteboxmethodologies

Review application code, system configurations and device configurations using manual and automated techniques

Measure and report clients’ compliance with established industry or government requirements

Identifyleaked client data on open and closed (Deep and Dark Web) sources

Perform analytical investigations into specific threat actors, ransomware, and campaigns

Communicate technical findings to a non-technical audience effectively

Create and review threat intelligence programs for clients using established intelligence models

Work withRSMconsulting professionals with a variety of credentials including Certified Ethical Hacker (CEH), Certified Information Systems Security Professionals (CISSP); Certified Information Systems Auditor (CISA),Certified Information Security Manager (CISM), Certified Threat Intelligence Analyst (CTIA)

Basic Qualifications:

MinimumB.A. or B.S. degree or equivalent from an accredited university by the time employmentcommenceswith a major inComputer Science, Information Technology, Information Systems Management, Information Security, intelligence, digital forensics,cybersecurityor other similar degrees

Technical background in computer science andcybersecurityrelated fields

Strong knowledgeof computernetwork technologies, protocols/topologies, digital forensics and endpoint protection, or threat intelligence

Software development, programming and/or scripting experience (Perl, Python, C, Java, PHP, ASP, etc.)

Ability to track threat actors across Dark Web criminal forums and marketplaces and ability to communicate findings

Ability to track malware campaigns and understand adversarial activity from an intelligence perspective

Basic understanding ofintelligence,including intelligence lifecycle, Kill Chain, Diamond model, and Priority Intelligence Requirements

Proventrack recordof an analytical and curious mindset in problem solving

The ability to interpret and convey technical information through written and oral communications to all levels of technical aptitude, including senior management

High degree of integrity and confidentiality, as well as ability to adhere to company policies and best practices

Possess a strong internal drive and motivation for continuous improvement

A minimum 3.0 GPA is preferred

Preferred Qualifications:

Practical hands-on or lab experience with IT infrastructure components such as servers, firewalls, IDS systems and other network infrastructure components

Practical hands-on or labexperience withsecurity applications, such as aAppScan,Metasploit,BurbSuite, Nessus, Social Engineering Toolkit, Kali Linux, etc., or other commercial and public domain security tools

Operating system configuration and security experience (HP-UX, Linux, Solaris, AIX, etc.)

Configuration and security experience with web servers and web applications (Apache HTTP/Tomcat, Microsoft IIS, Sun One, OracleiPlanet, IBM WebSphere, etc.)

Database Configuration and Security experience (MySQL, Microsoft SQL, IBM DB2, Sybase, Oracle, etc.)

Familiar with security testing techniques such as network discovery, port and service identification, vulnerability scanning, network sniffing, fuzzing, penetration testing, configuration reviews,firewallrule reviews, social engineering, wireless penetration testing and password cracking

Internshipor overallexperience with threat intelligence vendor or familiarity with various threat intelligence tools and platforms

At RSM, we offer a competitive benefits and compensation package for all our people. We support and inspire you to prioritize your wellbeing by delivering personalized, holistic programming for your physical, emotional, financial and community wellbeing.Learn more about our total rewards at https://rsmcanada.com/careers/life-at-rsm/rewards-and-benefits.html

Compensation Range: $60,500 - $84,500

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.

We are currently looking fortechnicalConsultants for our Security,Privacyand RiskConsulting(SPR)practice.The candidate will work with teams of security and privacy staff in a wide variety of systemsenvironments. Our SPRConsultingteam serves the Information Security and Data Privacy related needs of our clients. This teamassistsclients with selecting, improving, controlling, securing,managingandmonitoringtheappropriate systemsto address their information needs.We serve a diverse base of clients in a variety of industries, and understanding how technologyimpactsthe operation and growth of organizations is what we do best.

As a Consulting Associate, you will jump start your career through a comprehensive training and development program where you will be exposed to all our Consulting Solution Practices. This training will include:

• Consulting process,toolsand methods

• Client engagement economics

• Presentation and business writing skills

• Time management and project delivery

• Communication skills

Examples of candidate's responsibilities include:

• Assess security of client networks, hosts, and applications

• Determinetechnical, business impact and likelihood of identified security issues andprovideremediation guidance to clients

• Perform analysis and testing to verify the strengths and weaknesses of mobile and web applications and web services (SOAP, WSDL, UDDI)

• Perform Internet penetration testing usingblackboxandwhiteboxmethodologies

• Review application code, system configurations and device configurations using manual and automated techniques

• Measure and report clients’ compliance with established industry or government requirements

• Identifyleaked client data on open and closed (Deep and Dark Web) sources

• Perform analytical investigations into specific threat actors, ransomware, and campaigns

• Communicate technical findings to a non-technical audience effectively

• Create and review threat intelligence programs for clients using established intelligence models

• Work withRSMconsulting professionals with a variety of credentials including Certified Ethical Hacker (CEH), Certified Information Systems Security Professionals (CISSP); Certified Information Systems Auditor (CISA),Certified Information Security Manager (CISM), Certified Threat Intelligence Analyst (CTIA)

Basic Qualifications:

• MinimumB.A. or B.S. degree or equivalent from an accredited university by the time employmentcommenceswith a major inComputer Science, Information Technology, Information Systems Management, Information Security, intelligence, digital forensics,cybersecurityor other similar degrees

• Technical background in computer science andcybersecurityrelated fields

• Strong knowledgeof computernetwork technologies, protocols/topologies, digital forensics and endpoint protection, or threat intelligence

• Software development, programming and/or scripting experience (Perl, Python, C, Java, PHP, ASP, etc.)

• Ability to track threat actors across Dark Web criminal forums and marketplaces and ability to communicate findings

• Ability to track malware campaigns and understand adversarial activity from an intelligence perspective

• Basic understanding ofintelligence,including intelligence lifecycle, Kill Chain, Diamond model, and Priority Intelligence Requirements

• Proventrack recordof an analytical and curious mindset in problem solving

• The ability to interpret and convey technical information through written and oral communications to all levels of technical aptitude, including senior management

• High degree of integrity and confidentiality, as well as ability to adhere to company policies and best practices

• Possess a strong internal drive and motivation for continuous improvement

• A minimum 3.0 GPA is preferred

Preferred Qualifications:

• Practical hands-on or lab experience with IT infrastructure components such as servers, firewalls, IDS systems and other network infrastructure components

• Practical hands-on or labexperience withsecurity applications, such as aAppScan,Metasploit,BurbSuite, Nessus, Social Engineering Toolkit, Kali Linux, etc., or other commercial and public domain security tools

• Operating system configuration and security experience (HP-UX, Linux, Solaris, AIX, etc.)

• Configuration and security experience with web servers and web applications (Apache HTTP/Tomcat, Microsoft IIS, Sun One, OracleiPlanet, IBM WebSphere, etc.)

• Database Configuration and Security experience (MySQL, Microsoft SQL, IBM DB2, Sybase, Oracle, etc.)

• Familiar with security testing techniques such as network discovery, port and service identification, vulnerability scanning, network sniffing, fuzzing, penetration testing, configuration reviews,firewallrule reviews, social engineering, wireless penetration testing and password cracking

• Internshipor overallexperience with threat intelligence vendor or familiarity with various threat intelligence tools and platforms

At RSM, we offer a competitive benefits and compensation package for all our people. We support and inspire you to prioritize your wellbeing by delivering personalized, holistic programming for your physical, emotional, financial and community wellbeing.Learn more about our total rewards at https://rsmcanada.com/careers/life-at-rsm/rewards-and-benefits.html

Compensation Range: $60,500 - $84,500

Individualsselected for this role will be eligible for a discretionary bonus based on firm and individual performance.

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr