Alvarez & Marsal (“A&M”) is a global professional services firm that assists clients ranging from global enterprises
to middle market companies that are either publicly held or privately owned, as well as large and mid-cap private
equity firms, corporate management and boards of directors. A&M applies its capabilities across industries, with
dedicated expertise in financial services, healthcare, real estate and the public sector, from its offices around the
world. The Forensic Technology practice focuses on computer forensics, electronic discovery, data-mining and
security consultative services.
Our Clients include:
• 98% of AmLaw 100 firms
• 25% of the S&P 500
• 11 of the FTSE 100
• 300+ mid- and large-cap private equity firms
• 50% of all Fortune 100 companies
• 20% of Fortune Global 500 companies
• 18 of 20 of the largest banks in the U.S.
The Forensic Technology practice is looking for a full-time data security and intrusion detection analyst to work out
of the practice's datacenter operations facility located in Dallas, Texas. This position will focus on assisting the
practice in defining, obtaining and maintaining SSAE 16 certification as well as other trusted site certifications as
appropriate. Once established, this role will be expected to perform traffic analysis, intrusion analysis and detection
of threats. Additional duties would include the authoring of security procedures. The ideal candidate is required to
possess deep working knowledge of Intrusion Detection System (IDS) and Intrusion Protection System (IPS), and
the roles such systems play in detecting intrusion attempts and successfully protecting against such actions. The
successful candidate will work directly with practice management to create custom intrusion signatures and to help
detect specific network traffic and access anomalies. This requires comprehension of, and excellent experience with,
most viruses and worms that may infiltrate and propagate throughout large networks. In addition, the individual
must have experience in populating sensors with newly available signatures when responding to events or
• UAG administration and configuration
• Recognize publicly known attack traffic patterns.
• Tune IDS/IPS systems
• Create and modify IDS/IPS signatures
• Install/configure/administer Unix/Linux servers
• Recognize "known" and suspicious attack traffic patterns
• Determine/recommend new detection/prevention methods/capabilities
• Write/read regular expressions
• New vulnerability identification
• Write/modify SIEM correlation rules and define SIEM content
• Lead internal Incident Response
• Provide diagnosis and assist in drafting remediation strategies.
• Weekly reporting and monthly summaries of events with detailed information on critical alerts/incidents
• Familiarity with SSAE 16 certification requirements
• STIG Knowledge and Understanding
• Vulnerability Assessment
• Windows Server Administration
• Exchange Administration
• Storage Administration
• Qualys experience a plus
• Splunk experience a plus
Seven or more years of demonstrable perimeter security administration, server administration, intrusion detection &
prevention and certification compliance.
• One or more GIAC certifications (preferred) OR
• CISSP certification and/or CompTIA certification
• Undergraduate degree in related field preferred
• Relevant experience will be considered as compensation for degree as appropriate
Commensurate based on experience and education.