Technology & Digital
Senior Security Operations Analyst
Job ID: 91999
Do you want to do work that matters, alongside supportive leaders who will help you grow faster than you ever thought possible? Are you a creative problem-solver who is energized by challenges? You've come to the right place.
Who You'll Work With
You will work in our Boston, Massachusetts or San Jose, Costa Rica office as part of the Security Operations center and in collaboration with fellow security analysts, engineers and other IT security specialists. The Security Operations Center (SOC) is McKinsey and Company's internal security monitoring, detection and response organization tasked with the detection and response to threats on the McKinsey and Company network. The SOC is a 24/7 organization with teams in different geographical zones to ensure continuous operations and coverage of security monitoring, detection and response.
Your impact within our firm
You'll investigate various types of security incidents, develop and improve existing security workflows to standardize incident response, and you'll formulate incident response steps when a new unprecedented incident is reported to the SOC. As a Senior Security Analyst, you'll work both collaboratively and independently to accomplish a variety of security tasks as well as projects. You'll collaborate with security engineers to create use cases and correlation alerts in the SIEM for continuous security monitoring, embark on specialized security projects to mature the capabilities of the security operations center, and mentor junior security analysts and train them in new security skills as required. You'll write both technical and executive incident reports when called upon and you will be expected to continue learning and improving your security analysis skills to match the current technical security challenges and innovations.
Your qualifications and skills
- Bachelor's required or master's degree preferred in IT/computer science or service-management; military experience and/or equivalent experience
- 3+ years of experience in security monitoring and/or incident response
- Experience in two or more of the following security domains: digital forensics (computer, memory, network, cloud, virtualization), malware analysis (dynamic and static), reverse engineering, pen testing, network investigations, threat hunting, threat intelligence, security engineering, OSINT
- Awareness about security products and technologies, and/or networking protocols (Splunk, LogRythim, Alien Vault, Qradar, etc.)
- Experience with cloud computing, both investigating and working with cloud infrastructure
- Experience with microservices
- Understanding of security alerts that includes malware/phishing, EDR/ XDR solutions, denial of service, unauthorized access, knowledge of security tools that include SIEM, IDS/IPS, log aggregation, malware sandboxing, threat hunting, etc.
- GIAC certifications like GCIH
- Expertise to manage SOPs, process adherence by teams & an eye for continuous improvement
FOR U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by applicable law.
Certain US jurisdictions require McKinsey & Company to include a reasonable estimate of the salary for this role. For new joiners for this role in the United States, including all office locations where the job may be performed, a reasonable estimated range is $140,100 - $143,800 USD -to help you understand what you can expect. This reflects our best estimate of the lowest to highest salary/hourly wages for this role at the time of this posting, ensuring you have a clear picture right from the start, though it's important to remember that actual salaries may vary. Factors like your office location, your unique blend of experience and skills, start date and our current organizational needs all play a part in determining the final figure. Certain roles are also eligible for bonuses, subject to McKinsey's discretion and based on factors such as individual and/or organizational performance.
Additionally, we provide a comprehensive benefits package that reflects our commitment to the wellness of our colleagues and their families. This includes medical, mental health, dental and vision coverage, telemedicine services, life, accident and disability insurance, parental leave and family planning benefits, caregiving resources, a generous retirement contributions program, financial guidance, and paid time off.
FOR NON-U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity employer. For additional details regarding our global EEO policy and diversity initiatives, please visit our McKinsey Careers and Diversity & Inclusion sites.