Cyber Advisor, Post-Cyber Event Hardening

About The Position

Requirements

• Proven experience in security hardening, including security control implementation and optimization across diverse, complex environments
• Deep technical knowledge in deploying and configuring Endpoint Detection and Response (EDR/MDR), Identity and Access Management (IAM), and Email Security solutions
• Extensive experience implementing Multi-Factor Authentication (MFA) and Active Directory/Entra ID security improvements
• Expertise in securing network architectures, including firewall remediation, VPN, ZTNA, SASE, and cloud environment hardening (Azure, AWS, or GCP)
• Excellent communication skills with the ability to guide customers through technical remediation steps during high-stress, post-event periods
• Proven ability to identify and categorize security control gaps, providing tailored recommendations and applying rapid, high-impact remediations
• A collaborative mindset with the ability to work effectively alongside internal and external teams to achieve technical remediation
• Experience collecting and analyzing data from various security tools to drive informed risk management decisions and proactive defense strategies
• Proven track record of delivering insights on emerging cyber threats and translating them into proactive defensive measures

Responsibilities

• Conduct targeted reviews of the insured’s environment to identify security control gaps
• Analyze and prioritize system weaknesses across cloud and on-premise infrastructure to focus remediation on the highest-risk areas
• Deploy security improvements, including advanced endpoint protection, email security tools, and modern network access controls
• Integrate zero-trust principles and robust identity protections to ensure resilient access management
• Execute technical hardening measures to eliminate common attack vectors and secure critical infrastructure components
• Apply technical remediations to align the environment with At-Bay’s security standards
• Achieve a demonstrably stronger security posture for the insured than existed prior to the cyber event
• Translate technical improvements into strategic business value, helping the insured build a sustainable culture of security
• Continuously evaluate and update technical “betterment” playbooks and toolsets to stay ahead of evolving threat actor tactics
• Test and vet new security solutions to ensure the service utilizes the most effective and reliable technologies available
• Provide anonymized insights from engagements to help internal teams refine risk models and security requirements
• Collaborate with internal teams to align technical remediation efforts with policy standards and emerging insurance trends
• Act as a subject matter expert for the broader security and insurance teams on the "what and how" of modern infrastructure hardening
• Create internal anonymized post-mortems to demonstrate the ROI of the service and highlight successful security transformations
• Stay current on the threat landscape to ensure hardening steps remain effective against the latest attack vectors