Bain & Company, Inc.

COMPANY PROFILE 

Bain & Company is one of the top management consulting firms in the world that helps the world’s most ambitious change makers define the future. 
Across 65 cities in 40 countries, we work alongside our clients as one team with a shared ambition to achieve extraordinary results, outperform the competition, and redefine industries. We complement our tailored, integrated expertise with a vibrant ecosystem of digital innovators to deliver better, faster, and more enduring outcomes. 
The firm established several functions in the Indian market early 2000s and its remit across functions has expanded over time. Since 2019, these functions have become part of Global Business Services (GBS). Global Business Services (GBS) is a network of five interconnected business-function hubs across India, Poland, Malaysia, Mexico and Portugal, serving Bain globally to run our business, support other functions, and help drive innovation internally. We are over 1000 business professionals – serving functions in operations, HR, finance, legal, tech, marketing, research, and data analytics – who support our offices globally.  Our mantra of “shared innovation, seamless execution,” underpinned by a passion for results, teamwork, and creativity, helps Bain stay at the top of our game operationally.

PROFILE SUMMARY
The Senior Analyst is a position within Bain's Cyber Security Department, whose mission is to safeguard the digital assets and integrity of the organization. In this role, the Analyst understands how security measures align with the overall organizational strategy and will begin to organize and lead in the development and implementation of security controls that adhere to regulatory requirements and best practices. The Sr. Analyst will monitor, analyze and respond to potential security incidents and threats, analyze their urgency and impact to Bain, implement necessary responsive measures to protect the organization's digital assets, data, and infrastructure. These measures may require taking a leadership position in coordinating activities across the team working with technical teams and Security leadership. The Senior Analyst Security Operations role has multiple disciplines these include Threat Intelligence, Vulnerability Management and Pro-Active Security Testing and Enhanced Security Operations. Team members may spend some a percentage or all of their time in these specific disciplines.

RESPONSIBILITIES

Vulnerability Management (80%) 

• Collaborate with cross-functional teams and provide leadership and guidance. Serve as a subject matter expert in vulnerability management security discussions and decision-making.
• Conduct regular vulnerability scans on the organization's network, applications, and systems using industry-standard tools.
• Experience implementing and operationalizing vulnerability management tools, processes, and best practices.
• Oversee the classification and prioritization of vulnerabilities based on risk and potential impact.
• Lead meetings to collaborate with IT and development teams to remediate identified vulnerabilities.
• Track progress and present reports on a regular interval to leadership.
• Stay informed about emerging trends and technologies in cybersecurity.
• Work collaboratively with other security team members, IT departments, and relevant business units to address security concerns and enhance overall security posture.

Enhanced Security Operations (10%)

• Expertise and experience in Forensic Investigations and Tooling
• Red Team, Blue Team, Purple team exercise leadership experience.

Professional Development and Innovation (10%)  

• Stay informed about emerging trends and technologies in cybersecurity.
• Work collaboratively with other security team members, IT departments, and relevant business units to address security concerns and enhance overall security posture.
• Explore Professional Certifications and work with leadership to plan trainings.

QUALIFICATIONS & EXPERIENCE 

Security Monitoring & Incident Detection and Response

• Strong knowledge of Splunk (or other SIEM tools),CrowdStrike, Windows Defender, Other AV/EDR tool configuration, Cyberhaven (or other DLP tools)
• Knowledge of Vulnerability & Attack Surface Management toolsets, Threat Intelligence and Analysis tools, Vendor technical Risk Scoring tools, Deception technologies
• Knowledge of ticketing, triage and forensics capabilities and toolsets

General Skills

• Good communication skills, with the ability to document and explain technical information clearly.
• Analytical mindset, with a focus on learning and problem-solving.
• Ability to work independently and well in a team, showing strong interpersonal skills.
• Eagerness to learn and adapt to new challenges in cybersecurity.
• Entrepreneurial spirit, open to trying new approaches and learning from them.
• Bachelor's degree in a related field (e.g., Computer Science, Cybersecurity, Information Technology) or an equivalent combination of education, training, and experience. 
• 5-7 Years of experience is same domain
• Experience deploying systems or applications 
• Ability to work independently and with teams on complex problems
• Complex problem solving
• Ability to work in a fast paced, dynamic environment.
• Attention to detail and priority/time management.
• Strong customer service, analytic, communication (oral and written) and troubleshooting/problem solving skills.
• Experience with endpoint security control design having implemented controls such as EDR or AV
• Experience with automation of Information Security controls
• Experience with automating tasks via scripting, 
• Experience with common cloud security control frameworks, for example NIST CSF or CSA

WHAT MAKES US A GREAT PLACE TO WORK
We are proud to be consistently recognized as one of the world's best places to work, a champion of diversity, and a model of social responsibility. We are currently ranked the #1 consulting firm on Glassdoor’s Best Places to Work list, and we have maintained a spot in the top four on Glassdoor's list for the last 15 years. We believe that diversity, inclusion, and collaboration are key to building extraordinary teams. We hire people with exceptional talents, abilities, and potential, then create an environment where you can become the best version of yourself and thrive both professionally and personally. We are publicly recognized by external parties such as Fortune, Vault, Mogul, Working Mother, Glassdoor, and the Human Rights Campaign for being a great place to work for diversity and inclusion, women, LGBTQ, and parents.