Senior M&A Cybersecurity Response Analyst (Remote)

Introduction

Welcome to Gallagher - a global leader in insurance, risk management, and consulting services. With a growing team of more than 45,000 professionals worldwide, we empower businesses, communities, and individuals to thrive. At Gallagher, you can build a career whether it's with our brokerage division, our benefits and HR consulting division, or our corporate team. Experience The Gallagher Way, a culture fueled by shared values and a collective passion for excellence. Join one of our dynamic teams, where you'll play a pivotal role in shaping Gallagher's future and unlocking unparalleled opportunities for both clients and yourself.

We believe that every candidate brings something special to the table, including you! So, even if you feel that you're close but not an exact match, we encourage you to apply.

Overview

Our Cybersecurity team is growing and we're looking for a Sr M&A Cyber Response Analyst. In this role, you will be responsible for responding to cyber security events through cyber detection technologies, managed security service providers and other intake channels for non-integrated acquisitions (NIAs). This role will be part of the global AJG Cyber Fusion Center which is a 24x7 cyber operations group. The primary activities of the position will be to conduct day one forensics and threat hunting within non-integrated acquisition environments. This role will also contribute to the ongoing maturity of the Cyber Fusion Center program including developing and operationalizing the M&A cyber forensic-threat hunting program.

This position can be entirely virtual/remote/work from home and you can sit anywhere in the US.

How you'll make an impact

• Provide incident triage and security incident response support for non-integrated acquisitions.

• Conduct cyber forensics investigations and threat hunts to identify security control exposures or existing security incidents within non-integrated acquisition environments.

• Build and execute custom threat hunts based on non-integrated acquisition environment(s).

• Support internal Cyber Fusion Center teams in deploying and executing corporate threat hunts.

• Work with security engineering teams to validate detection effectiveness as well as identifying detection improvements.

• Manage and prioritize multiple engagements simultaneously, ensuring timely and accurate completion.

• Execute incident response plans to effectively mitigate and manage cybersecurity incidents across our M&A partners and CFC Staff.

• Develop incident risk reports from threat hunts and investigations for internal stakeholders.

• Monitor EDR and Security Information and Event Management (SIEM) technologies.

• Provides recommendations for improving detection and monitoring technologies for non-integrated acquisitions.

• Ensure best practice security practices and procedures are applied to all non-integrated acquisitions.

• Manage and lead on other Cyber Fusion Center responsibilities that may include but not limited to documentation, advanced malware analysis, exceptions tracking, security tool management, automation tuning, detection configuration, and ad-hoc reporting/metrics.

• Act a subject matter expert on related security projects, increasing automation, testing and documentation of security related processes.

Primary Role Skillsets:

• Advanced Intrusion Detection and prevention (IPD/IDS)

• Advanced network and edge protection, firewalls, proxies

• Deep understanding of offensive and defensive Attack Methods, threat hunting

• Advanced understanding of detection and monitoring technologies

• Advanced application of network analysis technologies and analysis

• Advanced system, network and cloud forensic experience

• Advanced Endpoint Detection & Response (EDR) skills

• Advanced operating system security, Windows/Linux

• Advanced penetration testing Technologies (e.g. Metasploit, Kali)

• Working knowledge of relationship between vulnerabilities and exploits

• Advanced understanding of MITRE attack framework and industry kill chains.

• Advanced understanding of attacker methods in complex, globally enabled programs

About You

• BS/BA degree in Computer Science, Information Systems, related discipline or equivalent experience.

• 5+ years of professional work experience in the cybersecurity industry

• Deep knowledge of operating system and detection technologies.

• Strong analytical skills to define risk, identify potential threats, and develop and document action/mitigation plan.

• Strong people skills, ability to mentor/train staff and bring awareness to current and emerging threats.

• Ability to work efficiently and self-motivate with little to no supervision.

• Certifications a plus: CISSP, SAN GIAC Certifications (GCIH, GPEN, GSEC, etc.)

• Strong written and verbal communications skills with an ability to present technical risks and issues to technical and non-technical audiences internal and external to the organization.

#LI-DK3

#LI-Remote

Compensation and benefits

On top of a competitive salary, great teams and exciting career opportunities, we also offer a wide range of benefits.

Below are the minimum core benefits you'll get, depending on your job level these benefits may improve:

• Medical/dental/vision plans, which start from day one!

• Life and accident insurance

• 401(K) and Roth options

• Tax-advantaged accounts (HSA, FSA)

• Educational expense reimbursement

• Paid parental leave

Other benefits include:

• Digital mental health services (Talkspace)

• Flexible work hours (availability varies by office and job function)

• Training programs

• Gallagher Thrive program - elevating your health through challenges, workshops and digital fitness programs for your overall wellbeing

• Charitable matching gift program

• And more...

We value inclusion and diversity

Click Here to review our U.S. Eligibility Requirements

Inclusion and diversity (I&D) is a core part of our business, and it's embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the communities where we live and work.

Gallagher embraces our employees' diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out The Gallagher Way to its fullest.

Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color, religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as "protected characteristics") by applicable federal, state, or local laws.

Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business.