Professional Services Consultant

Overview

As one of the most established cybersecurity companies in the world, we at NetWitness are hard at work every day helping our customers and partners better protect their organizations from cyberattacks. Our products and incident response services are used within most large enterprises, governments and militaries for incident response and threat hunting.

We are looking for someone who leverages in-depth industry knowledge of the business environment and various technical solutions to assist the customer to gain market share and increase operational efficiencies. You will provide technical and consultative leadership for Consulting technical solutions opportunities on a range of complex engagements, focused on an industry or service offering.

This role requires some travel to customer sites.

Responsibilities

• Provide technical and consultative services on NetWitness solutions for a range of complex consulting engagement projects. These projects may include conducting workshops, analyzing requirements, developing solution designs and recommendations, documentation, and delivering training of NetWitness solutions for the customer.
• Work closely with project managers (or act as project manager), other personnel, and the customer to ensure a smooth project implementation and transition from start to completion.
• Deliver services both independently and in a team environment, collaborating with NetWitness sales, other personnel, and clients.
• Work on complex projects and manage multiple work streams. Define and author deliverables. Deliver projects with approved methodology while adhering to margin, planning, and SOW requirements.
• Lead project quality assurance activities, including technical QA reviews. Adhere to escalation and change control procedures. Validate requirements, prototype where needed, and create proposals addressing current and evolving client requirements.
• May manage or function as technical lead on small to medium projects or workstreams of larger, more complex projects. Understand customer business challenges and provide strategy addressing long-term goals. Analyze large data sets to produce logical options and sound deliverables to achieve customer satisfaction.
• Prepare, maintain and submit activity/progress reports and time management records. Keep stakeholders informed of activities and issues. Complete end-of-project reports. Provide knowledge transfer and training throughout and at project completion.
• Prepare detailed project plans within standard project management methodologies. Review and validate statements of work (SOW). Categorize requirements into a project plan.

Technical Responsibilities

• Work with customers to enable their ability to hunt for and detect threats.
• Track threat actors and associated tactics, techniques, and procedures (TTPs). Hunt for and identify threat actor groups and their techniques, tools, and processes.
• Provide input on cybersecurity best practices, especially as pertains to threat intel, threat hunting, and using NetWitness components (NDR, EDR, SIEM).
• Develop detection content and use cases within the NetWitness product for Network full packet capture, EDR, SOAR, and SIEM.
• Develop advanced queries and alerts to detect adversary actions. Develop dashboards and reports to identify potential threats and suspicious activity.
• Assess customer gaps in visibility and provide next-step recommendations. Help customers increase visibility and detection capability, working with incident response team members and providing expert guidance on investigating potential attacks.
• Assist with sales project scoping and provide guidance to sales teams and clients.
• Contribute to technical NetWitness course development and knowledge checks, assessments, and content QA.
• Maintain instructor documentation, illustrations, notes, questions, and presentation order for future instructors under existing documentation.
• Assist in gathering and building lab use-cases. Aid with lab deployments/upgrades, particularly for lab images and class environments.
• Deliver or help create at least one webinar every 6 months and participate in public customer training events as needed.

Required Experience / Qualifications

• Ability to understand logging mechanisms for industry-standard networks, security solutions, servers, and databases.
• Good understanding of networking/security infrastructure. Ability to detail data flow in a given topology.
• Strong communication skills (verbal, written, listening, and presentation).
• Analytical thinking and problem-solving abilities.
• Proficiency in understanding differences between logs, events, packets, and incidents.
• In-depth knowledge of data collection methods such as Syslog, SNMP, ODBC, LEA, FTP, and SFTP.
• Knowledge of threats, security trends, and industry security policies.
• Excellent presentation, workshop facilitation, and interpersonal skills.
• Professional level English speaking and writing.
• Federal security clearance can be an added advantage.