Cyber Security Advisory Consulting Director

Profile

Cyber Security Advisory Consulting Director Aon’s Cyber Security Advisory Consulting is a client-facing management consulting function. Our Proactive Advisory teams, within this business unit, specialize in the development and implementation of customized cybersecurity solutions for clients’, in fee-for-service projects to mitigate risks and prepare companies in advance of a cyber incident. Our Advisory services lines include Cybersecurity Organizational Design and Strategy; Risk and Compliance; Defense and Transformation; Resilience; Data Security and Privacy; and M&A/Private Equity. This is a remote position with flexibility to work virtually from anywhere within the United States.  Some travel to clients sites may be required in the future (up to 30%). Aon is in the business of better decisions At Aon, we shape decisions for the better to protect and enrich the lives of people around the world.  As an organization, we are united through trust as one inclusive, diverse team, and we are passionate about helping our colleagues and clients succeed.  What the day will look like Lead, manage, or oversee multiple simultaneous teams that conduct enterprise-level technical assessments for various clients.Assist with various practice client engagement pursuit initiatives, including the development of client engagement proposals.Assist in developing the Service Line offering maturity, market eminence, innovation, sales support by delivering presentations, white paper thought pieces, market facing collateral, etc.Assist in managing the Service Line staff by driving periodic meetings and touchpoints, as well as mentoring and de-escalating conflict or customer service concerns.Develop standard methodologies for container and serverless security in a hybrid cloud environmentProgram development for SSDLC including technology and process for CI/CD pipeline and cloud configurationsDevelop / Integrate security into the Software Development Process for clientsSupervise engagement team members during client engagement execution, ensuring timely progress, achievement of objectives, and delivery quality.Understand existing client processes and controls and associated risks with respect to electronic and non-electronic information security.Assess and investigate client IT security programs and environments via interviews and technical information analyses.Assess IT network and security architectures as they relate to managing identities and access privileges, delegated administration models, workflow and access control models.Develop client security programs by reviewing existing programs; conducting comprehensive reviews of threats; evaluating and analyzing relevant data points.Develop strategies to reduce security risks across cloud services, on-premise infrastructure, servers, network devices, and user endpoints.Develop client strategies to defend against threats such as ransomware, nation-state attacks, and insider threat.Formulate executive level recommendations related to Information Security strategy.Enhances team competence by answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.Track emerging security practices and contribute to building internal processes. How this opportunity is different You'll be using your hands-on IT Security skills to support multiple external business clients, all with different environments, priorities and goals.  This variety will keep the position challenging.  Our Cyber Security Consulting business is booming, but we have still been able to maintain a team culture that is founded on collaboration and balance. Skills and experience that will lead to success The ideal candidate would have 7 years in progressively sophisticated roles in information security consulting, coupled with demonstrable experience in various Cybersecurity domains, including security engineering, security operations, infrastructure penetration testing, cloud security and/or Blue Team/Red Team, performing technical security assessments and remediation5 years of client delivery project and people management experience (minimum 5 people)Prior development of market facing collateral, articles, and delivery of presentations to audiences or large audience remote (WebEx, Teams, etc).3 years of hands-on technical experience with at least one cloud platform in security or infrastructure implementation and operations for leading Cloud service providers e.g., Amazon AWS, Microsoft Azure, Google CloudExperience designing Cloud reference architectures and outlining baseline security requirements for Cloud services (such as EC2, VPC, RDS, etc.)Proficiency and understanding of key differences between most popular cloud provider solutions and cloud orchestration tools (e.g. Azure, AWS, GCP, Kubernetes, Docker, etc.)Knowledge/experience in continuous integration technology (e.g. Chef, Puppet, Docker, Jenkins, Ansible, or related tools)Comprehensive understanding of Terraform, CloudFormation, and/or other IAAC offeringsStrong oral and written communications skills. A demonstrated ability to write clear, coherent and precise reports on a multiplicity of complex technical issues is essential.The candidate must demonstrate proven success in working in a team as well as independently and exhibit follow-through to understand root causes of issues.This position requires handling multiple engagements with overlapping deadlinesA collaborative approach is a must, as well as the ability to effectively communicate with a wide range of technical and non-technical personnel.Travel is required.Preferred Experience:Recent consulting experience with a mid to large size consulting firm/practice would be a plus.Preferred Security certifications:GIAC Cloud Security Automation (GCSA)AWS Architect Professional CertificationAWS Certified Security - SpecialtyAZ-500 (Security Admin)AZ-303 Architecture technologiesAdditional cross-disciplines in Incident Response; Table Top Exercises; and/or Risk Assessments a plus. Education: Bachelor’s degree in computer science, information technology, or equivalent work experience. A masters degree in information security/computer science or a technology-related field preferred. The salary range for this position is $140,000 to $200,000 annually. This salary range is an estimate and the actual salary will vary based on applicant’s education, experience, skills, and abilities, as well as internal equity and alignment with market data.  The salary may also be adjusted based on applicant’s geographic location. How we support our colleagues  In addition to our comprehensive benefits package, we encourage a diverse workforce. Plus, our agile, inclusive environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two “Global Wellbeing Days” each year, encouraging you to take time to focus on yourself.  We offer a variety of working style solutions, but we also recognize that flexibility goes beyond just the place of work... and we are all for it. We call this Smart Working! Our continuous learning culture inspires and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued. Aon values an innovative, diverse workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace.   Aon provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, domestic partner status, or other legally protected status.  Aon is committed to a diverse workforce and is an affirmative action employer. People with criminal histories are encouraged to apply.  We provide individuals with disabilities reasonable accommodations to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment in accordance with applicable law. Please contact us to request an accommodation on ReasonableAdjustments@Aon.com Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. #LI-AR1#LI-REMOTE 2510525,qualifications:UNAVAILABLE,responsibilities:Cyber Security Advisory Consulting Director Aon’s Cyber Security Advisory Consulting is a client-facing management consulting function. Our Proactive Advisory teams, within this business unit, specialize in the development and implementation of customized cybersecurity solutions for clients’, in fee-for-service projects to mitigate risks and prepare companies in advance of a cyber incident. Our Advisory services lines include Cybersecurity Organizational Design and Strategy; Risk and Compliance; Defense and Transformation; Resilience; Data Security and Privacy; and M&A/Private Equity. This is a remote position with flexibility to work virtually from anywhere within the United States.  Some travel to clients sites may be required in the future (up to 30%). Aon is in the business of better decisions At Aon, we shape decisions for the better to protect and enrich the lives of people around the world.  As an organization, we are united through trust as one inclusive, diverse team, and we are passionate about helping our colleagues and clients succeed.  What the day will look like Lead, manage, or oversee multiple simultaneous teams that conduct enterprise-level technical assessments for various clients.Assist with various practice client engagement pursuit initiatives, including the development of client engagement proposals.Assist in developing the Service Line offering maturity, market eminence, innovation, sales support by delivering presentations, white paper thought pieces, market facing collateral, etc.Assist in managing the Service Line staff by driving periodic meetings and touchpoints, as well as mentoring and de-escalating conflict or customer service concerns.Develop standard methodologies for container and serverless security in a hybrid cloud environmentProgram development for SSDLC including technology and process for CI/CD pipeline and cloud configurationsDevelop / Integrate security into the Software Development Process for clientsSupervise engagement team members during client engagement execution, ensuring timely progress, achievement of objectives, and delivery quality.Understand existing client processes and controls and associated risks with respect to electronic and non-electronic information security.Assess and investigate client IT security programs and environments via interviews and technical information analyses.Assess IT network and security architectures as they relate to managing identities and access privileges, delegated administration models, workflow and access control models.Develop client security programs by reviewing existing programs; conducting comprehensive reviews of threats; evaluating and analyzing relevant data points.Develop strategies to reduce security risks across cloud services, on-premise infrastructure, servers, network devices, and user endpoints.Develop client strategies to defend against threats such as ransomware, nation-state attacks, and insider threat.Formulate executive level recommendations related to Information Security strategy.Enhances team competence by answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.Track emerging security practices and contribute to building internal processes. How this opportunity is different You'll be using your hands-on IT Security skills to support multiple external business clients, all with different environments, priorities and goals.  This variety will keep the position challenging.  Our Cyber Security Consulting business is booming, but we have still been able to maintain a team culture that is founded on collaboration and balance. Skills and experience that will lead to success The ideal candidate would have 7 years in progressively sophisticated roles in information security consulting, coupled with demonstrable experience in various Cybersecurity domains, including security engineering, security operations, infrastructure penetration testing, cloud security and/or Blue Team/Red Team, performing technical security assessments and remediation5 years of client delivery project and people management experience (minimum 5 people)Prior development of market facing collateral, articles, and delivery of presentations to audiences or large audience remote (WebEx, Teams, etc).3 years of hands-on technical experience with at least one cloud platform in security or infrastructure implementation and operations for leading Cloud service providers e.g., Amazon AWS, Microsoft Azure, Google CloudExperience designing Cloud reference architectures and outlining baseline security requirements for Cloud services (such as EC2, VPC, RDS, etc.)Proficiency and understanding of key differences between most popular cloud provider solutions and cloud orchestration tools (e.g. Azure, AWS, GCP, Kubernetes, Docker, etc.)Knowledge/experience in continuous integration technology (e.g. Chef, Puppet, Docker, Jenkins, Ansible, or related tools)Comprehensive understanding of Terraform, CloudFormation, and/or other IAAC offeringsStrong oral and written communications skills. A demonstrated ability to write clear, coherent and precise reports on a multiplicity of complex technical issues is essential.The candidate must demonstrate proven success in working in a team as well as independently and exhibit follow-through to understand root causes of issues.This position requires handling multiple engagements with overlapping deadlinesA collaborative approach is a must, as well as the ability to effectively communicate with a wide range of technical and non-technical personnel.Travel is required.Preferred Experience:Recent consulting experience with a mid to large size consulting firm/practice would be a plus.Preferred Security certifications:GIAC Cloud Security Automation (GCSA)AWS Architect Professional CertificationAWS Certified Security - SpecialtyAZ-500 (Security Admin)AZ-303 Architecture technologiesAdditional cross-disciplines in Incident Response; Table Top Exercises; and/or Risk Assessments a plus. Education: Bachelor’s degree in computer science, information technology, or equivalent work experience. A masters degree in information security/computer science or a technology-related field preferred. The salary range for this position is $140,000 to $200,000 annually. This salary range is an estimate and the actual salary will vary based on applicant’s education, experience, skills, and abilities, as well as internal equity and alignment with market data.  The salary may also be adjusted based on applicant’s geographic location. How we support our colleagues  In addition to our comprehensive benefits package, we encourage a diverse workforce. Plus, our agile, inclusive environment allows you to manage your wellbeing and work/life balance, ensuring you can be your best self at Aon. Furthermore, all colleagues enjoy two “Global Wellbeing Days” each year, encouraging you to take time to focus on yourself.  We offer a variety of working style solutions, but we also recognize that flexibility goes beyond just the place of work... and we are all for it. We call this Smart Working! Our continuous learning culture inspires and equips you to learn, share and grow, helping you achieve your fullest potential. As a result, at Aon, you are more connected, more relevant, and more valued. Aon values an innovative, diverse workplace where all colleagues feel empowered to be their authentic selves. Aon is proud to be an equal opportunity workplace.   Aon provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, veteran, marital, domestic partner status, or other legally protected status.  Aon is committed to a diverse workforce and is an affirmative action employer. People with criminal histories are encouraged to apply.  We provide individuals with disabilities reasonable accommodations to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment in accordance with applicable law. Please contact us to request an accommodation on ReasonableAdjustments@Aon.com Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time. #LI-AR1#LI-REMOTE,skills:UNAVAILABLE,workHours:UNAVAILABLE,jobBenefits:UNAVAILABLE,datePosted:2022-06-07T16:14:00 0000,employmentType:FULL_TIME,educationRequirements:UNAVAILABLE,salaryCurrency:USD,baseSalary:{@type:MonetaryAmount,currency:USD,value:{@type:QuantitativeValue,value:0,minValue:0,maxValue:0,unitText:YEAR}},validThrough:2023-06-07T16:14:54.000Z,industry:UNAVAILABLE,hiringOrganization:{@type:Organization,name:Aon Corporation,sameAs:https://jobs.aon.com,logo:https://assets.jibecdn.com/prod/aon/0.0.47/assets/brands/https://aon.icims.com/icims2/servlet/icims2?module=AppInert&action=download&id=1134557&hashed=154379},jobLocation:{@type:Place,address:{@type:PostalAddress,addressLocality:Chicago,addressRegion:Illinois,streetAddress:200 E Randolph,postalCode:60601,addressCountry:United States}}}

Company info

Aon PLC.
Website : http://www.aon.com