Careers

There has never been a better time to begin a career in cybersecurity! The demand for cybersecurity services is growing fast and you can be a part of it. Joining the Security Risk Advisors team means:

LEVELING UP

Continuously learning new skills and technologies

GREAT CULTURE

Our team is close-knit and our facilities are designed for collaboration, hosting industry groups and our own fun events

MOVING FAST

Career advancement based on your accomplishments

Assessments

+- Ethical Hacker Consultant

This position will be part of Security Risk Advisors’ Ethical hacking team. Our style of consulting is dynamic, innovative, fast-paced, and highly rewarding. We work with a wide variety of toolsets and across all industry sectors with a focus on Fortune 50 and Fortune 500 organizations.

Core Responsibilities:

  • Red Teams: adaptive, flag-based red team engagements designed to demonstrate the impact of a dedicated, persistent attacker
  • Purple Teams: the “open-book” approach to penetration testing, working side-by-side with our internal and client blue teams to strengthen defense against real attackers.
  • Web and Mobile Assessments: dynamic web and mobile application security testing
  • Penetration Testing: assess internal and external networks for common and custom security flaws that can lead to widespread access to sensitive systems and data
  • Tactical Assessments: social engineering, spear phishing, physical break-ins, product security assessments, industrial control systems, architecture reviews
  • Documentation: document evidence of work in reports and status updates
  • Research and Innovation: use knowledge gained to conduct research initiatives with the purpose of improving our services and giving back to the community

 

Environment

  • All Consultants attend security conferences and training to up your skillsets as you learn your tradecraft
  • You will work side-by-side with other highly-skilled operators in a collaborative environment

 

Requirements:

  • 0-3 years previous professional information security consulting experience
  • Some hands-on (lab or experience) penetration testing or red team experience including web application, network, wireless, and mobile hacking
  • Strong organization skills with attention to detail
  • Interest in taking the initiative for personal growth and development
  • Flexibility to accommodate changing schedules of client and project needs and willingness to work extended hours when needed
  • Strong written and verbal communication skills with a high level of professionalism
  • Bachelor’s degree Information Technology, IT Security, Computer Science, Computer Engineering or equivalent subject matter
  • Willingness to travel 30-50% depending on assignments and specializations

 

About SRA:

Security Risk Advisors is a 90+ person fast-growing cybersecurity consulting company.  Our clients are concentrated in the Fortune 1000 and Global 1000.  We have a fast-paced, agile and fun culture that focuses exclusively on cutting edge cybersecurity engagements that solve the emerging needs of our clients.  Our environment fosters the continuous professional development necessary to remain at the top of our game. We are a Philadelphia-based company and our team members maintain flexible hours through a combination of work from home and reasonable travel.

Threat Management

+- Manager, Threat Management

The Manager position is a part of Security Risk Advisors’ Threat Management practice which provides Advisory and Engineering security consulting services. Our style of consulting is dynamic, innovative, fast-paced, and highly rewarding for both our clients and our team. This is an outstanding opportunity to work across various well-known client organizations.

 

Responsibilities:

  • Apply Threat Management’s services across multiple client engagements involving Incident Response, Data Protection, EDR, Network Security Monitoring & Architecture, SIEM, Forensics, Antivirus & Exploit Mitigation, Cloud Security, Threat Intelligence, and Email Defense.
  • Architect, engineer and audit client environments and controls to ensure the protection of critical infrastructure, assets and resources.
    Assist with drafting proposals, Statement of Work contracts, and change orders for Threat Management services.
  • Provide leadership, strategic direction, coaching and mentorship to Threat Management teams across multiple and simultaneous projects.
    Assist with project staffing, scheduling and monitoring of project budgets.
  • Thoroughly document project milestones, deliverables and status at cadence and in formal reports as well as present findings to senior-level client stakeholders.
  • Provide internal training (including onboarding) in areas of expertise and assist with service delivery development.
  • Remain current on the information security landscape and emerging threat trends, tools and methodologies.
  • Attend conferences and training as required to maintain proficiency and offer knowledge share sessions for other teams.
  • Actively engage the Information Security community by attending conferences and developing/presenting thought-leadership perspectives as a guest speaker.

 

Requirements:

  • 5+ years of professional information security consulting experience.
  • 10+ years of experience within information technology.
  • Broad SME-level experience across multiple information security control set categories and vendor products, including but not limited to: FireEye, Fidelis, Splunk,
  • Intel/McAfee, RSA, IBM, Symantec, Resilient,Cybereason, Tanium, Bit9/CarbonBlack, Palo Alto, Bro and Snort.
  • Strong organizational skills with high attention to detail.
  • Strong drive towards taking initiative for personal growth and development.
  • Flexibility to accommodate changing schedules of client and project needs and willingness to work extended hours when needed.
  • Exceptional written and verbal communication skills with a high level of professionalism.
  • Bachelor’s degree in Computer Engineering Technology or equivalent subject matter.
  • Willingness to travel.

Skills and Qualifications:

Consulting, Creative Problem Solving, Attention to Detail, Coordination, Reporting, Team Work, Coaching, Highly Motivated, Writing, Decision Making, Analyzing Information, Information Security Policies, Scheduling, Strategic Planning

About SRA:

Security Risk Advisors is an 80+ person fast-growing cybersecurity consulting company.  Our clients are concentrated in the Fortune 1000 and Global 1000.  We have a fast-paced, agile and fun culture that focuses exclusively on cutting edge cybersecurity engagements that solve the emerging needs of our clients.  Our environment fosters the continuous professional development necessary to remain at the top of our game. We are a Philadelphia-based company and our team members maintain flexible hours through a combination of work from home and reasonable travel.

+- Senior Cloud Security Consultant

The Senior Cloud Security Consultant position will be part of Security Risk Advisors’ Threat Management Practice which is comprised of Advisory and Engineering services. Our style of consulting is dynamic, innovative, fast-paced, and highly rewarding for both our clients and our team. This is an outstanding opportunity to work across various well-known client organizations.

Responsibilities:

  • Apply Threat Management’s services across the security platforms for Incident Response, DLP, EDR, Network Detection & Forensics, SIEM, Network Architecture and Firewall Management.
  • Monitor and audit customer systems to ensure the protection of those systems, information resources, and data within.
  • Effectively lead and manage a team to deliver projects.
  • Use Security Information Event Management tools (SIEM), Endpoint Detection & Response tools (EDR), and Network Security Monitoring tools (NSM) such as FireEye, Fidelis, Splunk, Intel/McAfee, RSA, IBM, Symantec, Resilient, Cybereason, Tanium, Resolution1, CarbonBlack, Bro and Snort.
  • Thoroughly document work in formal reports and present findings to management suitable for customer consumption.
  • Manage project delivery including status tracking and client deliverables.
  • Assist in coaching and providing feedback to Junior Consultants on the team.
  • Remain current on information security and emerging threat trends, tools and methodologies to combat the same.
  • Attend conferences and training as required to maintain proficiency.
  • Protect organization’s value by keeping information confidential.

 

Requirements:

  • 3+ years of professional information security consulting experience.
  • 10+ years of experience within information technology.
  • Be a SME in one of the following: Incident Response, DLP, EDR, Network Detection & Forensics, SIEM, Network Architecture or Firewall Management. Also have the ability to independently execute a project in that category.
  • Strong organization skills with attention to detail.
  • Experience around incident investigation and forensics, penetration testing, software development and scripting.
  • Interest in taking the initiative for personal growth and development.
  • Flexibility to accommodate changing schedules of client and project needs and willingness to work extended hours when needed.
  • Strong written and verbal communication skills with a high level of professionalism.
  • Bachelor’s degree in Computer Engineering Technology or equivalent subject matter.
  • Willingness to travel.

 

Skills and Qualifications:

Consulting, Creative Problem Solving, Attention to Detail, Coordination, Reporting, Team Work, Coaching, Highly Motivated, Writing, Decision Making, Analyzing Information, Information Security Policies, Scheduling, Strategic Planning

+- Threat Management Consultant

The Consultant position will be part of Security Risk Advisors’ Threat Management Practice which is comprised Advisory and Engineering services. This role will be involved in the advisory and engineering activities of the group. Our style of consulting is dynamic, innovative, fast-paced, and highly rewarding for both our clients and our team. This is an outstanding opportunity to work with a wide variety of tool sets and across various well-known client organizations.

 

Responsibilities:

  • Collaborate with clients to design and implement security strategies & architectures across platforms and for a variety of solutions.
  • Conduct requirements gathering, analysis, and develop security strategies for clients.
  • Apply Threat Management’s services across the security platforms for Incident Response, DLP, EDR, Network
  • Detection & Forensics, SIEM, Network Architecture and Firewall Management.
  • Work effectively as part of a team to deliver projects.
  • Use Security Information Event Management tools (SIEM), Endpoint Detection & Response tools (EDR), and Network Security Monitoring tools (NSM) such as FireEye, Fidelis, Splunk, Intel/McAfee, RSA, IBM, Symantec, Resilient, Cybereason, Tanium, Resolution1, CarbonBlack, Bro and Snort.
  • Thoroughly document work in formal reports and present findings to management suitable for customer consumption.
  • Assist in coaching and providing feedback to Junior Consultants on the team.
  • Remain current on information security and emerging threat trends, tools and methodologies to combat the same.
  • Attend conferences and training as required to maintain proficiency.
  • Protect organization’s value by keeping information confidential.

 

Requirements:

  • Previous professional information security consulting experience a plus.
  • 1+ years of experience with enterprise level security networking and incident response.
  • Knowledge of the following: Incident Response, DLP, EDR, Network Detection & Forensics, SIEM, Network Architecture and Firewall Management.
  • Strong organization skills with attention to detail.
  • Experience around incident investigation and forensics, penetration testing, software development and scripting.
  • Interest in taking the initiative for personal growth and development.
  • Flexibility to accommodate changing schedules of client and project needs and willingness to work extended hours when needed.
  • Strong written and verbal communication skills with a high level of professionalism.
  • Bachelor’s degree in Computer Engineering Technology or equivalent subject matter.
  • Willingness to travel.

Skills and Qualifications:

Consulting, Creative Problem Solving, Attention to Detail, Coordination, Reporting, Team Work, Coaching, Highly Motivated, Writing, Decision Making, Analyzing Information, Information Security Policies

GRC

CyberSOC

+- 3rd Shift Information Security Operations Consultant

The Information Security Operations Consultant position will be specific to morning watch (12 AM to 9 AM) and part of Security Risk Advisors’ CyberSOC Team. This role will be involved in the day-to-day, 24×7, operations of the SOC. This is an outstanding opportunity to work with a wide variety of tool sets and various client organizations.

Responsibilities:

  • Eyes on glass security monitoring for threats.
  • Respond to alerts, investigate to determine if they are true positive or false positive.
  • Use the latest security monitoring technologies to detect malware and hackers.
  • Use Security Information Event Management tools (SIEM), Endpoint Detection & Response tools (EDR), and Network Security Monitoring tools (NSM) such as FireEye, Fidelis, Splunk, Intel/McAfee, RSA, IBM, Symantec, Resilient, Cybereason, Tanium, Resolution1, CarbonBlack, Bro and Snort.
  • Thoroughly document work and present findings to management suitable for customer consumption.
  • Attend conferences and training as required to maintain proficiency.
  • Protect organization’s value by keeping information confidential.

 

Requirements:

  • 1-3 years of professional experience, campus applicants are welcome.
  • Strong organization skills with attention to detail.
  • A demonstrated passion for technology.
  • Work effectively as part of a team, yet function well with independent responsibilities.
  • Experience or coursework around incident investigation and forensics, information security and computer networking.
  • Interest in taking the initiative for personal growth and development.
  • Flexibility to accommodate changing schedules of client and project needs and willingness to work extended hours when needed.
  • Strong written and verbal communication skills with a high level of professionalism.
  • Bachelor’s degree in Computer Engineering Technology or equivalent subject matter.
  • Willingness to travel.
  • Ability to work non-core hours including weekends and night shifts.

 

Skills and Qualifications:

Creative Problem Solving, Attention to Detail, Coordination, Reporting, Team Work, Highly Motivated, Writing, Decision Making, Analyzing Information.

 

About SRA:
Security Risk Advisors is an 80+ person fast-growing cybersecurity consulting company.  Our clients are concentrated in the Fortune 1000 and Global 1000.  We have a fast-paced, agile and fun culture that focuses exclusively on cutting edge cybersecurity engagements that solve the emerging needs of our clients.  Our environment fosters the continuous professional development necessary to remain at the top of our game. We are a Philadelphia-based company and our team members maintain flexible hours through a combination of work from home and reasonable travel.

+- Information Security Operations Consultant

The Information Security Operations Consultant position will be part of Security Risk Advisors’ CyberSOC Team. This role will be involved in the day-to-day, 24×7, operations of the SOC and there is clear path for career progression. This is an outstanding opportunity to work with a wide variety of tool sets and various client organizations.

 

Responsibilities:

  • Eyes on glass security monitoring for threats.
  • Respond to alerts, investigate to determine if they are true positive or false positive.
  • Use the latest security monitoring technologies to detect malware and hackers.
  • Use Security Information Event Management tools (SIEM), Endpoint Detection & Response tools (EDR), and Network Security Monitoring tools (NSM) such as FireEye, Fidelis, Splunk, Intel/McAfee, RSA, IBM, Symantec, Resilient, Cybereason, Tanium, Resolution1, CarbonBlack, Bro and Snort.
  • Thoroughly document work and present findings to management suitable for customer consumption.
  • Attend conferences and training as required to maintain proficiency.
  • Protect organization’s value by keeping information confidential.

 

Requirements:

  • 0-3 years of professional experience, campus applicants are welcome.
  • Strong organization skills with attention to detail.
  • A demonstrated passion for technology.
  • Work effectively as part of a team, yet function well with independent responsibilities.
  • Experience or coursework around incident investigation and forensics, information security and computer networking.
  • Interest in taking the initiative for personal growth and development.
  • Flexibility to accommodate changing schedules of client and project needs and willingness to work extended hours when needed.
  • Strong written and verbal communication skills with a high level of professionalism.
  • Bachelor’s degree in Computer Engineering Technology or equivalent subject matter.
  • Willingness to travel.
  • Ability to work non-core hours including weekends and night shifts.

 

Skills and Qualifications:

Creative Problem Solving, Attention to Detail, Coordination, Reporting, Team Work, Highly Motivated, Writing, Decision Making, Analyzing Information.

Operations

Co-Ops and Internships

+- Internship & Co-op Opportunities

Fill out an application to be considered for a summer internship with Security Risk Advisors.

We also look for students who are willing to take a semester off to complete a full time co-op with us.