Digital Security Consultant - Summer 2021 Internship
Employment Type: Full-Time
At Crowe LLP, you have the opportunity to deliver innovative solutions to today’s complex business issues. Crowe’s accounting, consulting, and technology personnel are widely recognized for their in-depth, industry-focused expertise and understanding of sophisticated process frameworks and enabling technologies, along with their commitment to delivering measurable results that help clients build business value. Crowe’s Consulting team is frequently praised by satisfied clients for their high professional standards, industry expertise, innovative technology solutions and responsive hands-on approach to client service. Our focus on emerging technology solutions along with our commitment to internal career growth and exceptional client value has resulted in a firm that is routinely recognized as a “Best Place to Work.”
As a **Digital Security Consultant** in **Crowe’s Consulting Practice**, your role will be focused on helping clients assess and refine their information security posture, technology implementations, and regulatory compliance. Our team will develop your Information Security skillset over your first couple of years. This is not a typical desk job. Starting from day one, you will be in the field working side by side with our experienced security professionals at our clients around the world! A number of our experienced team members have also presented their research, techniques, and procedures at security conferences around the country. At Crowe, we empower you to take risks, to challenge yourself in specialized areas of consulting & technology, and to generate solutions that impact the firm and your professional growth. Crowe cultivates a creative corporate culture where you will have the opportunity to share your ideas and knowledge with clients from your very first day with the firm.
Your career could launch in a fast-paced environment with a high learning curve in one of the following areas:
You will assist our financial institution clients to transform their governance, embed risk in their decision-making and maintain efficient compliance through IT General Controls and Application Audits, IT Compliance & Assurance Reviews and IT and Risk Management Consulting. Areas of Focus can include Contract Management and Compliance Reviews, Model Validations, Organizational Change, and Independent Monitoring.
You will have the opportunity to impact client performance through data and operational analyses, new product development, and integration with other service lines within Consulting Healthcare. Client engagements are focused on a variety of challenges in the healthcare provider space (hospitals, health systems, physician groups, etc.) within the revenue cycle. A typical project includes a variety of functions and opportunities such as: the collection and formatting of client data, review of client business practices, examination of patterns in client transactional data, presentation of work product results to client leadership, and integration of results into client patient accounting systems. Additionally, this role will have exposure to help drive decisions on long-term strategies around new forms of client delivery, identification of market opportunities, and product planning.
Assist our Life Sciences clients to assess and refine their information security posture and privacy capabilities through security testing, program and technology implementations, and cybersecurity consulting services.
Help public sector entities improve performance and efficiency across a broad array of issues across financial management, operational efficiency and information technology by implementing Enterprise Resource Planning (ERP) technology. You will be part of the team that assists with facilitating meetings and documenting client requirements for public sector clients. Additionally, you will assist with designing, configuring and implementing the ERP solution to meet the requirements while providing guidance based on industry best practices. You will also assist in analyzing key data sets and business intelligence metrics resulting in dashboard creation. ERP is integrated business management software used to collect, store, manage and analyze data from many business activities. Crowe has been successful in building ERP solutions for transportation authorities, counties, airports, lotteries, and other public sector agencies throughout the United States.
*Technology, Media and Telecommunications*
Assist TMT clients to assess and refine their information security posture, technology implementations, and regulatory compliance through IT General Controls and Application Audits, IT Compliance & Assurance Reviews and IT and Risk Management Consulting.
*Managed Detection Response*
The Managed Detection and Response (MDR) Analyst will be responsible for supporting, planning and executing cybersecurity projects including some of the following responsibilities: monitor the Crowe MDR platform, respond to generated alerts, triage their level of risk and investigate their nature, help in tuning alerts, writing rules and optimizing the platform, perform research on emerging security threats and trends while also evaluating Crowe MDR’s coverage, respond to client enquiries pertaining to events in their network, use the Crowe MDR platform and red team knowledge to hunt for signs of suspicious/malicious activity, prepare reports or other necessary documentation to detail results of continuous monitoring, submit recommendations to client for corrective action or to support a recommend approach to solving the client’s needs, and correspond with a variety of clients and communicate security issues, recommendations, and deliverables effectively.
- This is a fast-paced environment with a high learning curve, so we provide many resources and on-the-job training opportunities – if you are willing to learn and build your areas of expertise, you will succeed
- Candidates must:
- Willingness to travel
- Our team travels mostly around the continental US (international travel possible)
- Most travel consists of 2 or 3 overnights per week
- Possess knowledge of Information Technology fundamentals, including:
- Basic network services (TCP/IP, HTTP, SSH, SMB, and DNS), where they reside on the OSI model, and how they technically function to provide basic connectivity to a system
- Routing and Switching
- System Administration (Windows & Active Directory and/or Linux/Unix)
- Database Administration (Microsoft SQL, Oracle, Mongo, PostgreSQL, etc.)
- Possess knowledge of Information Security standards and concepts, such as:
- Risk Management and Cybersecurity Governance
- System and Application Hardening (Security Engineering)
- Network Infrastructure Security
- Access Management
- Security Assessments
- Security Operations
- Possess technical writing skills using Microsoft Office (Word, Excel, Visio, PowerPoint, Outlook)
- Have a passion for Information Security and be willing to share your knowledge and lessons learned with the team and the security community
- Have a desire to continue personal growth through continuing professional education, self-study, pursuit of technical certifications, and mentoring/training less experienced team members
- Be capable of independently managing time and able to prioritize tasks in a fast-paced environment
- Be able to communicate technical findings to non-technical audiences, such as company officers (CEOs, CIOs, CFOs, COOs) and Audit Committees