Overview:

The Technology department at PJT is responsible for creating and continuously improving a robust and secure technology foundation that supports the firm’s business activities. Underpinning that, the Cybersecurity function ensures that the firm accurately identifies, investigates, and remediates incidents and evaluates applicable controls related to the firm’s technology. As the technology landscape at PJT is undergoing significant change, the Cybersecurity function is also evolving to help enable that change.

Role Description:

An effective candidate will be responsible for security engineering, vulnerability management and cybersecurity operations. They will be able to provide guidance on vulnerability identification, classification and remediation including hands on remediation. This candidate should collaborate with technology stakeholders to deploy remediations. Review and identify risks in designs, code, architecture, systems, and procedures. They should provide input on the vulnerability risk framework adherence and identify gaps. A willingness to keep current on current industry threats and vulnerabilities is imperative.

Responsibilities:

Key Areas of Focus

• Assist the Head of Information Security and Technology Risk with monitoring cyber operations, provide oversight of vulnerabilities and provide expertise in system design and configuration.
• Handle daily operations
  • Manage the remediation of vulnerabilities and incidents
  • Manage 24/7 SOC and patching teams
  • Manage resolution time and ensure SLAs are met
  • Identify alert issues and effectiveness to recommend efficient and meaningful changes
• Respond to crises to mitigate immediate and potential threats and vulnerabilities
• Curate weekly, Monthly, quarterly metrics
• Conduct cyber assessments and gap analysis, evaluating control effectiveness
• Manage adherence to the cyber security framework adherence
• Manage control and alert Framework
• Review procedures, standards, and guidance to ensure timely and proper incident response
• Provide oversight to engineering in secure code, design, architecture review
• Understand and manage risk vs. business operability
• Maintain knowledge of key technology risk and regulatory requirements

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field.
  • computer science, engineering, information systems, policy or similar preferred.
  • Equivalent experience is acceptable
• 7-10 years’ Experience in cybersecurity operations and/or incident response
• Knowledge of security frameworks such as NIST, CIS, and ISO.
• Experience with vulnerability management tools such as Nessus, Qualys, or Rapid7
• Strong technical skills in vulnerability scanning and penetration testing.
• Strong knowledge of network security protocols, operating systems, and web application security.
• Familiarity with security incident and event management (SIEM) tools.
• Excellent communication and interpersonal skills, with the ability to communicate complex security issues to technical and non-technical stakeholders.
• Strong leadership and mentorship skills, with the ability to work collaboratively with cross-functional teams.
• Ability to work independently, manage multiple tasks, and prioritize workload.
• Strong knowledge of incident response
• Experienced in managing consultant teams

Expected annualized base salary of $165,000 to $190,000.

This range represents the low and high ends of the expected annualized base salary for this position. The specific base salary received by any employee will be informed by a number of factors, including but not limited to, role level and scope, location, candidate’s relevant qualifications, skills and experience.

Base salary is one component of PJT Partners’ compensation structure. In addition to base salary, PJT Partners’ compensation structure may include additional rewards, incentives, and benefits, including but not limited to, a discretionary bonus component.