Cyber Advisor, Post-Cyber Event Hardening at At-Bay

<p><strong>Why you should join our At-Bay Security team:</strong></p> <p>Cyber insurance has become indispensable for businesses against the existential threat of cyber attacks which become more common and more devastating year after year. In response, At-Bay invented the concept of InsurSec to bridge the gap between insurance and security. Our award-winning team combines the unparalleled risk insights available to a full-stack cyber insurance carrier with full-spectrum cyber operations capabilities to bring our customers a safer and more secure working world. If you’re reading this, then you’re probably looking for a new adventure. But how about a new perspective? If impact is your goal, then join us and find out what you’re worth when a single conversation can avert a significant ransomware incident and save a small business from having their lights turned out permanently.&nbsp;</p> <p><strong>Role Overview:</strong></p> <p>The Cyber Advisor for the Post-Cyber Event Hardening service is essential in helping customers enhance their security posture following a cyber event. This role bridges the gap between recovery and long-term resilience by implementing and optimizing technical security controls directly within the customer's environment to minimize future risk.</p> <p><strong>Engagement-Based Responsibilities:</strong></p> <p>Assessment &amp; Prioritization</p> <ul> <li>Conduct targeted reviews of the insured’s environment to identify security control gaps</li> <li>Analyze and prioritize system weaknesses across cloud and on-premise infrastructure to focus remediation on the highest-risk areas</li> </ul> <p>Implementation &amp; Hardening</p> <ul> <li>Deploy security improvements, including advanced endpoint protection, email security tools, and modern network access controls</li> <li>Integrate zero-trust principles and robust identity protections to ensure resilient access management</li> <li>Execute technical hardening measures to eliminate common attack vectors and secure critical infrastructure components</li> <li>Apply technical remediations to align the environment with At-Bay’s security standards</li> </ul> <p>Strategic Resilience &amp; Advisory</p> <ul> <li>Achieve a demonstrably stronger security posture for the insured than existed prior to the cyber event</li> <li>Translate technical improvements into strategic business value, helping the insured build a sustainable culture of security</li> </ul> <p><strong>Internal Responsibilities:</strong></p> <p>Security Product &amp; Tooling Evolution</p> <ul> <li>Continuously evaluate and update technical “betterment” playbooks and toolsets to stay ahead of evolving threat actor tactics</li> <li>Test and vet new security solutions to ensure the service utilizes the most effective and reliable technologies available</li> </ul> <p>Cross-Functional Intelligence Sharing</p> <ul> <li>Provide anonymized insights from engagements to help internal teams refine risk models and security requirements</li> <li>Collaborate with internal teams to align technical remediation efforts with policy standards and emerging insurance trends</li> </ul> <p>Knowledge Leadership &amp; Training</p> <ul> <li>Act as a subject matter expert for the broader security and insurance teams on the "what and how" of modern infrastructure hardening</li> <li>Create internal anonymized post-mortems to demonstrate the ROI of the service and highlight successful security transformations</li> </ul> <p>Continuous Threat Research</p> <ul> <li>Stay current on the threat landscape to ensure hardening steps remain effective against the latest attack vectors</li> </ul> <p><strong>How you’ll make an impact:&nbsp;</strong></p> <p>By 3 months...</p> <ul> <li>Gain a deep understanding of At-Bay’s business—specifically how our insurance products, distribution, and technology stack integrate with the Post-Cyber Event Hardening service to serve our customers</li> <li>Execute targeted assessments and become proficient in analyzing security toolsets to identify security control gaps and deliver tailored, high-impact risk mitigation strategies</li> <li>Establish the collaborative relationships necessary to drive success across multiple teams, including Underwriting, Claims, and MDR</li> <li>Establish a confident communication style with customers, guiding them through technical remediation steps and advising them on achieving a measurably stronger security posture</li> </ul> <p>By 6 months...</p> <ul> <li>Contribute to the refinement and scalability of the Post-Cyber Event Hardening service by updating technical "betterment" playbooks and vetting new security solutions</li> <li>Serve as the technical lead for cybersecurity engagements, providing expert guidance throughout the hardening phase and delivering comprehensive, actionable reports</li> <li>Successfully bridge the gap between complex technical fixes and strategic business value, helping insureds build a sustainable culture of security</li> <li>Participate in strategic discussions and initiatives that leverage your field insights to shape the future of At-Bay’s cybersecurity service roadmap</li> </ul> <p><strong>What you’ve accomplished already:</strong></p> <ul> <li>Proven experience in security hardening, including security control implementation and optimization across diverse, complex environments</li> <li>Deep technical knowledge in deploying and configuring Endpoint Detection and Response (EDR/MDR), Identity and Access Management (IAM), and Email Security solutions</li> <li>Extensive experience implementing Multi-Factor Authentication (MFA) and Active Directory/Entra ID security improvements</li> <li>Expertise in securing network architectures, including firewall remediation, VPN, ZTNA, SASE, and cloud environment hardening (Azure, AWS, or GCP)</li> <li>Excellent communication skills with the ability to guide customers through technical remediation steps during high-stress, post-event periods</li> <li>Proven ability to identify and categorize security control gaps, providing tailored recommendations and applying rapid, high-impact remediations</li> <li>A collaborative mindset with the ability to work effectively alongside internal and external teams to achieve technical remediation</li> <li>Experience collecting and analyzing data from various security tools to drive informed risk management decisions and proactive defense strategies</li> <li>Proven track record of delivering insights on emerging cyber threats and translating them into proactive defensive measures</li> </ul>