Principal Consultant - Proactive Services (Unit 42)

Company Description

Our Mission

At Palo Alto Networks® everything starts and ends with our mission:

Being the cybersecurity partner of choice, protecting our digital way of life.
Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.

Who We Are

We take our mission of protecting the digital way of life seriously. We are relentless in protecting our customers and we believe that the unique ideas of every member of our team contributes to our collective success. Our values were crowdsourced by employees and are brought to life through each of us everyday - from disruptive innovation and collaboration, to execution. From showing up for each other with integrity to creating an environment where we all feel included.

As a member of our team, you will be shaping the future of cybersecurity. We work fast, value ongoing learning, and we respect each employee as a unique individual. Knowing we all have different needs, our development and personal wellbeing programs are designed to give you choice in how you are supported. This includes our FLEXBenefits wellbeing spending account with over 1,000 eligible items selected by employees, our mental and financial health resources, and our personalized learning opportunities - just to name a few!

Job Description

Your Career

Principal Consultant, is a senior-level consulting position within Unit 42 Proactive Services team. This team delivers Unit 42’s premium consulting services from Offensive & Defensive Security; Strategy, Transformation & Cyber Risk Management; Cyber Crisis Management & Threat Intelligence Consulting. Working closely with our Global Digital Forensic and Incident Response (DFIR) team, to protect many of the largest organisations, from even the most advanced adversaries.  

This role is client-facing and gives the individual the opportunity to lead innovative consulting engagements, become a trusted advisor to some of the world largest and best known organisations, and is someone who thrives on assisting them with their most significant cybersecurity challenges. 

The individual will work directly with multiple customers, across a range of industries and stakeholder groups (technical operators, management, C-Suite). They should have a hands-on mentality, have the technical acumen to embrace data, technological and innovative approaches to deliver the best consulting outcomes for clients, an ability to work on complex engagements independently, and flexibility to be involved in various work streams depending on their skills and business needs. 

You will be someone who thrives in a fast-paced environment, and enjoys learning and team collaboration. You will have the opportunity to share with, and learn from, a globally recognised industry leading team of security consultants and researchers.

Your Impact

Based on your unique skills and experience, you will have the opportunity to provide impact to a range of consulting engagements. These include (but not limited to): 

Offensive Security

Focusing on deeply specialised offensive security engagements, including threat-led red and purple team assessments. Provide technical expertise, working collaboratively with the team on SOC, Cloud Security, Attack Surface and AI Security Assessments.

Defensive Security & Operations

You will have deep expertise in defensive security, having designed, built and operated complex security operations environments. You will be passionate about working with our clients to enhance this critical function, and understands how to identify opportunities for improvements and transformation across governance, people, process and technology.   

Cloud Security 

With a deep understanding of industry leading cloud platforms and technologies, you will work with our customers to conduct security assessments and configuration reviews across multi-cloud and hybrid-cloud environments. You will have a comprehensive understanding of the cloud threat intelligence landscape, including threat actors in cloud environments and common attacks in the cloud. Your experience will include assessing client implementations of multi-cloud and hybrid-cloud environments by understanding the technical implementations of both on-premises infrastructure and other cloud environment dependencies, and advising on and developing cloud security initiative roadmaps for clients further to secure their cloud environments

Cyber Crisis Management & Threat-led Consulting 

You will be an experienced cyber crisis and resilience leader, with a passion for helping customers prepare for, and exercise, a range of engagements, including but not limited to Table Top Exercises (TTX) and Crisis Simulations. You will be well versed in industry leading Crisis Management, Incident Response, Business Continuity and Disaster Recovery Plans, and an understanding of how organisations incorporate this into their overarching business strategy. You will be an innovative thinker, who incorporates our industry leading threat intelligence, research, DFIR, Offensive and Defensive security findings into how you differentiate, and add value for our clients. 

Cyber Security Strategy, Risk Management (inc AI Security), Security Architecture & Transformation (including Zero Trust) 

You are an individual who understands how to use threat intelligence and data-insights to inform organisations on security return on investment. You are someone who doesn’t simply follow industry standard approaches, rather looks ahead for how companies should be transforming and simplifying their cyber security functions. You will have deep expertise across a range of security domains, technologies and regulatory trends, and have led notable security transformations. 

Qualifications

Your Experience 

• You will have 7+ years of experience in cyber security, specialising in at least two of the above listed domains.

• Preferably your professional career will have blended experience working in-house in large organisations, and consulting experience from industry leading companies. 

• A strong team player, and contributor to developing services and solutions.

• Demonstrate a track record in strengthening existing and developing new client relationships

• Ability to thrive in a fast-paced, start-up style environment

• While this is a predominately remote role, you will need the flexibility to travel from time-to-time, to meet with customers and teams

• Identified ability to grow into a valuable and visible contributor to the team, such as: 

  • develop an external presence via public speaking, conferences, and/or publications

  • have credibility, executive presence, and gravitas

  • be able to have a meaningful delivery contribution

  • have the potential and capacity to understand all aspects of the business, and develop an excellent understanding of PANW security products

  • be collaborative and able to build relationships internally, externally, and across key PANW functions, including the account teams

• A relevant Bachelor’s Degree such as Information Security, Computer Science, Digital Forensics, Cyber Security OR equivalent years of professional experience to meet job requirements and expectations.

  Offensive Security

  The types of skills and knowledge we would look for in an offensive security professional include:

  Delivery experience & knowledge: Experience leading Red & Purple team engagements, Advanced Attack Simulations, OSINT research, social engineering techniques, bespoke security assessments, exploit development. Experience testing a range of technologies (Active Directory, major OSs, cloud environments, IoT / OT) and using a range of security tools and technologies inc AI-enabled to automate and tailor engagements. 

  Education/Certifications/Awards: industry leading certifications from OffSec (OSCE / OSCP / OSWP), CREST, GIAC (SANS), and preferably published vulnerabilities, competition winners, conference talks, and published papers or thought leadership. 

  Defensive Security & Operations

  The types of skills and knowledge we would look for in a defensive security professional include:

  Delivery experience & knowledge: Significant security operations experience, not only having designed, built and operated security operations environments, but having hand-on delivery experience such as a security engineer/analyst, threat researcher, blue teamer, compromise assessments, threat hunts and incident response. 

  Education/Certifications/Awards: industry leading certifications from the likes of GIAC (SANS) in the areas of security architecture, intrusion analysis and monitoring, threat intelligence, incident handling etc.

  Cloud Security 

  The types of skills and knowledge we would look for in a cloud security professional include:

  Delivery experience & knowledge:  Possess a deep technical knowledge in CASBs, Cloud Platforms and the dependencies around such an environment (WAF, SSO, Cloud Threats, API Security, Cloud Security Posture Management) and cloud security architectures. Experience performing cloud security and risk assessments based upon industry-accepted standards. Former experience with cloud migrations (cloud to cloud, or on-prem to cloud). Knowledge of command-line interfaces or scripting tools in cloud environments.

  Education/Certifications/Awards: industry leading certifications in cloud security and architecture, and GIAC Defensible Security Architect (GDSA).

  Cyber Security Strategy, Risk Management (inc AI Security), Security Architecture & Transformation (including Zero Trust)

  The types of skills and knowledge we would look for in a cyber risk management professional include:

  Delivery experience & knowledge: Experience in cyber security threat modelling & risk assessments to support the development of cyber security strategies and roadmaps. Domain knowledge across enterprise security architecture, secure software development practices, penetration testing, vulnerability assessments, among others. Sound knowledge of applicable frameworks (including MITRE ATT@CK, D3FEND and ATLAS, CIS, NIST CSF, NIST AI RMF, CSA CCM), standards (including 800-53, ISO 27001/2, PCI, CIS 18, CMMC) and applicable laws, compliance regulations, and industry standards as it relates to privacy, security, and compliance. Experience with securing AI systems within cloud environments (e.g., AWS, Azure, Google Cloud). 

  Education/Certifications/Awards: relevant industry certifications such as CISSP, CISM, CISA and GIAC Defensible Security Architect (GDSA).

Additional Information

The Team

Unit 42 Consulting is Palo Alto Network's security advisory team.  Our vision is to create a more secure digital world by providing the highest quality incident response, cyber risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders with deep technical expertise and experience in investigations, data breach response, digital forensics, and information security. With a highly successful track record of delivering mission-critical cybersecurity solutions, we are experienced in working quickly to provide an effective incident response, attack readiness, and remediation plans with a focus on providing long-term support to improve our clients’ security posture. 

Our Commitment

We’re problem solvers that take risks and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at  accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.

All your information will be kept confidential according to EEO guidelines.

Covid-19 Vaccination Information for Palo Alto Networks Jobs

• Vaccine requirements and disclosure obligations vary by country.
• Unless applicable law requires otherwise, you must be vaccinated for COVID or qualify for a reasonable accommodation if:
  • The job requires accessing a company worksite
  • The job requires in-person customer contact and the customer has implemented such requirements
  • You choose to access a Palo Alto Networks worksite
• If you have questions about the vaccine requirements of this particular position based on your location or job requirements, please inquire with the recruiter.