In order to address the most critical needs of our clients, RSM US LLP established the Security and Privacy Services group, comprised of more than 170 professionals dedicated exclusively to serving the cybersecurity needs of our clients. This group includes experienced consultants located throughout the United States and Canada dedicated to helping clients with preventing, detecting, responding and recovering to security threats that may affect their critical systems and data. We serve a diverse client base within a variety of industries, and we are relied upon to provide expertise across the full suite of security and privacy capabilities including managing the daily activities associated with our clients' security operations.
We are seeking individuals with both broad and deep managed security services experience and skills to join our team and run the ongoing security operations for RSM clients in a variety of industries and geographic locations. Successful candidates will have solid working knowledge of security monitoring and detection leading practices, understanding of industry threat and attack models, experience conducting threat hunting and intelligence activities, automation and orchestration trends and innovation as well as experience leveraging this knowledge to benefit organizations in an operational capacity.
As leaders within the managed security services practice, shift leads are responsible for developing strong working relationships with clients built on understanding their businesses and challenges. Shift leads will lead a centralized and geographically disbursed team of security operations personnel aligned to either a day or evening shift, ensuring consistency of service delivery and a smooth transition between shifts. These individuals will also work across multiple client accounts within a wide variety of industries. They are responsible to manage a number of senior analysts and analysts working within the security operations center. Working in a mutually respectful team environment helps our professionals perform at their best and integrate their career with their personal life. Shift leads typically have 5-7 years of experience in the following areas:
Operating assigned shift and continually mature the security operations center activities
Providing consolidated reporting and dashboards to operational leadership
Working with the recruiting team to conduct technical interviews of potential analysts
Demonstrating the ability to manage security operations teams, identity necessary skill sets and opportunities for continued team member professional growth
Providing leading practice recommendations in security operations, incident response, vulnerability management and automation
Understanding native monitoring tools available from common cloud platforms
Supporting simple to complex enterprise managed security solutions for a variety of business use cases and requirements
Guiding and mentoring client counterparts through the ongoing operational activities
Mentoring and directing junior analysts, conducting quality reviews of their activities, providing direction and serving as technical lead
Bachelor's degree or higher
7-10 years of related work experience, specifically 5+ years of security operations center experience operating in the cloud and/or on premise
Proven experience leading security operations center teams including interacting with external client teams and supporting operational protocols
Experience using the ServiceNow suite for overall security operations workflow management
SIEM technologies such as Splunk, LogRhythm, Sentinel, and Elasticsearch, Logstash, and Kibana (ELK)
Experience building and maturing security operation center capabilities and operations
Experience serving complex architectures and environments (cloud, on-prem or hybrid)
Experience with various automation platforms such as security orchestration and automated response (SOAR) tools
Ability to communicate effectively, both in writing and verbally
Ability to interact effectively with internal and external resources at all organizational levels
Excellent project management, organization, and follow-up skills
Strong critical thinking and problem-solving skills
Experience with the following platforms is preferred:
Common cloud platforms - Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform
SOAR tools such as: Demisto, Phantom, Forescout, etc.
Proficiency with AWS Security Center and popular security services (IAM, Key Vault, etc.)
Knowledge and proficiency with popular cloud security services (VPC, RDS, IAM, WAF, IDS/IPS, AS3, SQS, SNS, CloudWatch, CloudTrail, Inspector, Config, etc.)
Vulnerability tools such as: Kenna, Tenable, Qualys, etc.
Threat intelligence tools such as Recorded Future and ThreatConnect
Endpoint detection and response tools such as: CarbonBlack, Crowdstrike, etc.
Cloudflare, Akamai, Imperva, Fastly
Cloud access service brokers such as Netskope, ZScaler, McAfee, Forcepoint
Containers (Kubernetes, Docker) and security leading practices
You want your next step to be the right one. You've worked hard to get where you are today. And now you're ready to use your unique skills, talents and personality to achieve great things. RSM is a place where you are valued as an individual, mentored as a future leader, and recognized for your accomplishments and potential. Working directly with clients, key decision makers and business owners across various industries and geographies, you'll move quickly along the learning curve and our clients will benefit from your fresh perspective.
Experience RSM US. Experience the power of being understood.
RSM is an equal opportunity/affirmative action employer. Minorities/Females/Disabled/Veterans.