
Cyber Operations Advisor
Posted 14 hours ago

This is a fully remote position, open to applicants in Texas.
• Lead multiple technical engagements independently, ensuring timely achievement of measurable security outcomes and enhancements across client environments.
• Transform client business needs into actionable technical strategies and capabilities that align with security goals and provide measurable value.
• Collaborate with internal teams and clients to design strategic roadmaps and implement plans that enhance operational maturity and security posture.
• Propel service maturity by analyzing KPIs, SLAs, and performance trends to provide actionable insights and ongoing value enhancements.
• Assess and align security solutions and recommendations with client requirements, risk profiles, and strategic objectives to ensure optimal effectiveness.
• Support the documentation of business requirements, use cases, and ROI analyses to facilitate informed decision-making and demonstrate value.
• Serve as a technical advisor during pre-sales and post-sales engagements, ensuring alignment of solutions and fostering client confidence.
• Provide technical expertise for proposals, contracts, and service descriptions, ensuring accuracy and alignment with client requirements.
• Identify and recommend cross-sell and up-sell opportunities across AFC services.
• Lead or assist with security initiatives from planning through execution.
• Utilize hands-on expertise to operationalize threat intelligence across EDR, SIEM, SOAR, and related domains, enhancing detection and response capabilities.
• Analyze patterns and anomalies to pinpoint potential advanced threats and suggest proactive mitigation strategies.
• Conduct architectural reviews and offer recommendations to bolster security posture and operational efficiency.
• Evaluate and propose custom detection logic, automation, or tool enhancements to address evolving threats and operational requirements.
• Assist with platform configurations, detection logic, and automation improvements.
• Build and nurture relationships with internal and external stakeholders.
• Identify and evaluate project risks, developing mitigation strategies to ensure successful delivery and minimize impact.
• Validate project scope and deliverables to ensure they align with client expectations and contractual obligations.
• Represent Optiv in client meetings, providing clear technical guidance and executive-level communication.
• Collaborate with team members to identify issues, develop strategies, and drive continuous improvement.
• Support projects across multiple functional groups by identifying collaborative opportunities, enhancing existing deliverables, and strengthening Optiv's value to our clients.
• Ensure projects are completed on time, within budget, and to quality standards, meeting or exceeding client expectations.
• Bachelor’s degree (or equivalent experience) and at least 8 years in cybersecurity operations, with demonstrated advisory and leadership roles.
• Proven success in leading client-facing engagements and managing strategic security programs within professional services or consulting environments.
• Advanced analytical skills with the capability to interpret complex data and convert insights into actionable security strategies.
• Extensive knowledge of SOC operations, threat analysis methodologies, risk assessment practices, and incident response frameworks.
• Expertise in Google SecOps (SIEM/SOAR) for enhancing platform maturity in detection engineering, incident response, and automation efforts. Ideal candidates should have experience with various SIEM/SOAR technologies and be able to advise on best implementation practices.
• 2-3 years of hands-on experience managing the CrowdStrike platform and its implementation.
• Ability to identify coverage gaps, create and manage detection and prevention policies, and develop reporting to highlight platform health.
• Assist in refining and strengthening vulnerability management practices.
• Provide advice on identity management strategies to ensure secure and efficient access controls.
• Investigate opportunities to enhance and optimize automation in patch management processes.
• Experience with Swimlane in identifying automation opportunities and advising on platform integration efforts to streamline security operations.
• Hands-on experience and in-depth knowledge of platform management processes, including EDR, Vulnerability Management, SIEM, SOAR, Identity, Network, and Perimeter tooling.
• Comprehensive understanding of NIST CSF, MITRE ATT&CK, and key regulatory frameworks such as PCI, SOC 2, and ISO 27001.
• Senior-level security certifications are preferred, such as CISSP, CISM, or GCIH (or equivalent).
• Outstanding communication skills, including the ability to craft and deliver executive-level reports and compelling security narratives.
• Proven ability to establish trust and maintain strong relationships with senior client stakeholders and cross-functional internal teams.
• Expertise in cloud security across AWS, Azure, and GCP, along with working knowledge of virtualization and containerization technologies.
• Familiarity with project management methodologies (Agile, Scrum, PMI) and experience in driving security initiatives.
• Understanding of common Large Language Models and their implications for Security Operations.
• Preferred experience in security architecture, risk mitigation, disaster recovery planning, compliance testing, data loss prevention, and network security strategies, with familiarity in ITIL, COBIT, ISO standards, PCI, and SOX.
• Skilled in addressing client inquiries and resolving issues with professionalism and clarity.
• Proficient in creating presentations and technical content that comply with organizational standards and effectively convey complex concepts.
• Work/life balance.
• Access to professional training resources.
• Opportunities for creative problem-solving and tackling unique, complex projects.
• Volunteer opportunities.