Organizations across industries are engaged in an unwanted struggle against multiple and unexpected adversaries, ranging from organized crime rings to nation states and terrorist groups, as well as disgruntled employees and online vigilantes.
It only takes one successful attack to devastate a company’s financial performance, brand, and reputation. And in this current cyber climate, it’s not if an attack will happen, but when. Resilient companies recognize this new normal and stay one step ahead to protect themselves, their customers, partners and vendors against devastating attacks. This is where you come in.
Come join us!
Aon’s Cyber Solutions Cyber Associate Program (formerly known as Stroz Friedberg’s Cyber Associate Program) is a nine month rotational program, beginning in September. Participants will be immersed in our digital forensics, incident response, and proactive security businesses, learning skills in the key areas of information security: digital forensics; pen testing; incident response (reactively working with an organization in response to a cyber attack); and proactive security (identifying vulnerabilities and defending an organization from adversaries). You will also have exposure to several other facets of the business, giving you a holistic understanding of firm functionality.
Your work will support our goal to maximize the health of an organization, ensuring its longevity, protection, and resilience.
Enjoy the benefits of a full-time job, with the opportunity for exploration and flexibility.
This full-time position with a competitive salary and benefits also provides you with a rare opportunity to experience working in four specializations before deciding where to grow your career. Associates work side-by-side with our existing employees, across our global offices, gaining exposure on client-facing assignments in each discipline:
Digital Forensics and Incident Response
- Recover, preserve, and analyze digital evidence in one of our 12 cutting-edge forensic laboratories
- Uncover computer-enabled theft, leaks of confidential business information, mass or targeted deletions and work on other interesting client cases
- Apply forensic analysis techniques to reconstruct events on computers and phones and surface evidence in civil and criminal investigations
- Respond to data breaches, APT attacks, cyber extortion, malicious code, botnets, economic espionage, ransomware and other cyber incidents
- Proactively hunt for indicators of compromise and other malicious activity and vulnerabilities within an environment, and analyze irregular network traffic
- Understand methods used by criminals and employ this knowledge to help guide investigations and implement preventative solutions
Proactive Security Advisory & Penetration Testing
- Monitor environments to identify and prioritize threats from cyber criminals
- Perform technical, information, application, and physical security risk assessments
- Conduct cyber threat simulations and recommend solutions to secure vulnerabilities
- Perform penetration testing on web and mobile applications as well as network penetration testing (external and internal) to include vulnerability exploitation and pivoting t gain remote system access
- Conduct application source code review
- Complete vulnerability research and exploit development
Boost your professional and technical skill set with valuable training and certifications.
From the very beginning of the program, you will be immersed in learning activities focused on boosting your business and client management skills, and equipping you with technical qualifications. The program kicks off with a one-week group training and orientation, including soft skills immersion, team building, and technical exercises.
Throughout the program, you will complete courses at the highly acclaimed SANS institute, the leading provider of elite cyber security training. You will also gain other valuable information security qualifications and technical skills, such as GIAC certifications and SQL training.
At the same time, you’ll be going through on-the-job training, for example, working with leading tools and technology in our digital forensics labs, delving into cryptology, testing an application before it goes to market, or responding to a suspected data breach.
Learn from mentors with deep subject matter experience, while working across a variety of technical environments and enterprise networks.
You will learn from managers and colleagues with robust technical and legal backgrounds, many of whom contributed directly to developing the foundations of the practice of cyber-focused law enforcement.
You will also be exposed to a wide variety of technical environments and enterprise networks, working alongside our experienced technologists, who have deep scientific roots. We are elite forensic analysts, computer scientists, malware reverse engineers, Certified Information Systems Security Professionals, and Information Privacy Professionals. We are ISO 27001 (Cyber) certified across multiple service lines (cyber resilience and digital forensics) in seven US cities and the UK, where we have also obtained Cyber Essentials certification. Additionally, we are certified to offer the industry leading CREST (the Council of Registered Ethical Security Testers), STAR (Simulated Target Attack and Response), and CBEST cyber security testing services.
Our clients span industry sectors including financial services, healthcare, retail, hospitality, technology & communications, entertainment, and more. One day you may be chasing malicious hackers through a client’s network and the next day analyzing messaging apps on an iPhone. The rotational program affords broad exposure to a wide range of real-world security situations.
The size of our organization means each team member, including every associate in our program, plays an integral role in our success. It also allows each individual to gain real on-the-job experience and prepare themselves to step into leadership roles. What’s more, because risk management is our company-wide focus, not a department, all of your contributions are central to our practice.
This Is Not an Internship
Once you join us for the rotational program, you’re part of Aon’s Cyber Solutions. Upon completing the program, it’s expected that you will be assigned a permanent role in one of our disciplines, based on your preferences, your managers’ assessments, and the firm’s business needs.
By the end of the rotational program, you should be fully prepared for success – whether your work involves application security, pen testing, digital forensics, networking, incident response, or elsewhere.
We are looking for our future leaders. Your advancement in the business signals the success of our program!
We’re excited to meet you!
We are currently accepting applications for the 2020 US Cyber Associate program. The deadline to apply is October 14 at 9:00am EST.
Please check our Careers page for current employment opportunities.