In a world of disruption and increasingly complex business challenges, our professionals bring truth into focus with the Kroll Lens. Our sharp analytical skills, paired with the latest technology, allow us to give our clients clarity, not just answers, in all areas of business.
We embrace diverse backgrounds and global perspectives, and we cultivate diversity by respecting, including, and valuing one another. As part of One team, One Kroll, you'll contribute to a supportive and collaborative work environment that empowers you to excel.
Kroll, a division of Duff & Phelps and part of the Governance, Risk, Investigations and Disputes business unit, is the leading global provider of risk solutions. For more than 45 years, Kroll has helped clients make confident risk management decisions about people, assets, operations and security through a wide range of investigations, cyber security, due diligence and compliance, physical and operational security, and data and information management services.
Kroll's Cyber Risk team works on thousands of cybersecurity-related incidents and engagements a year, including some of the most complex and highest profile matters in the world. With experts based around the world, supported by ground-breaking technology, we can help protect our clients' data, people, operations and reputation with innovative investigations, response and proactive assessments.
Our clients also count on us for rapid, expert support in the event of a cyber incident or attack; we help clients of all sizes respond to incidents and restore stability through deep incident response, investigations, and digital forensics services as well as through eDiscovery, breach notification, identity monitoring and restoration services for individuals affected by a data breach.
At Kroll, your work will help deliver clarity to our clients' most complex governance, risk, and transparency challenges. Apply now to join One team, One Kroll.
RESPONSIBILITIES:
We are looking for bright, motivated, and inquisitive minds to join our Kroll Responder Customer Operations Team who are experienced in and passionate about endpoint monitoring and active response. This practice area includes primarily managed endpoint detection and incident response clients. The candidate will focus on delivering and managing outstanding customer experiences with our managed services, from initial onboarding of new customers to providing ongoing relationship management, product training, service response, and support.
This position is remote.
- Serve as a point of contact for long-term client engagements and participate in the various onboarding, service delivery, training, and technical and operational support tasks to ensure timely and effective delivery of services.
- Participate in client teleconference calls and meetings, providing excellent support, updates, addressing client needs and feedback.
- Collaborate with broader Cyber Risk team members, including sales, marketing, engagement managers, and security analysts to provide standard and ad-hoc solutions to meet client needs, and to provide feedback and support.
- Work effectively with Kroll's strategic partners as applicable to the services.
- Maintain technical knowledge and proficiency in the underlying cyber security tools, processes, and technologies required to deliver the services, including endpoint protection (EPP), endpoint detection and response (EDR), Antivirus, and related tools.
- Collect and review relevant forensic artifacts to identify root cause and understand nature of threats, and to contain certain threats. Develop and communicate written and verbal threat reports associated with events to customers.
- Assist clients with questions regarding threat detections, EDR tools, deployment, and maintenance.
- Bachelor's degree or higher in Computer Science, Cyber Security, Computer Engineering, or similar technical degree.
- Minimum 3 years' experience in threat hunting, detection, and response or equivalent cyber security experience.
- Ability to respond rapidly, multi-task, and communicate effectively both verbally and in writing with customers, team members, and engagement managers.
- Must be detail and process oriented, requiring demonstrated excellence in time management, project management and prioritization.
- Must have outstanding written and verbal communication skills.
- Must be able to think independently, critically, and exercise good business judgement and maintain professional demeanor in all client and colleague interactions.
- Must be enthusiastic, flexible, and collaborative.
- Must have outstanding communication, client relationship management, and problem resolution skills, with the ability to effectively advise leadership.
- Solid understanding of Windows operating system fundamentals, architecture (file system, registry, processes, binaries, DLLs, etc.) and administration concepts. Similar understanding of macOS and/or Linux a plus.
- Prior experience using endpoint threat detection and response (EDR) products to investigate threats such as VMware Carbon Black, Windows Defender ATP, CrowdStrike Falcon, SentinelOne, Trend Micro XDR, Tanium, or others.
- Understanding of common threat actor techniques, malware behavior and persistence mechanisms.
- Working knowledge of TCP/IP and related networking concepts.
- Relevant cyber security certifications including CISSP, GCIA, GCIH, GCFA, GMON, or GREM a plus.
- Availability for occasional after-hours, weekends, and/or holiday work in response to active incidents.
- Must be a US citizen or a green card holder.
In order to be considered for a position, you must formally apply via careers.kroll.com. Kroll is committed to creating an inclusive work environment. We are proud to be an equal opportunity employer and will consider all qualified applicants regardless of gender, gender identity, race, religion, color, nationality, ethnic origin, sexual orientation, marital status, veteran status, age or disability.
All employees must comply with Kroll's mandatory vaccination policy, subject to all applicable federal, state, and local laws.