Cyber Advisor, Post-Cyber Event Hardening

Why you should join our At-Bay Security team:

Cyber insurance has become indispensable for businesses against the existential threat of cyber attacks which become more common and more devastating year after year. In response, At-Bay invented the concept of InsurSec to bridge the gap between insurance and security. Our award-winning team combines the unparalleled risk insights available to a full-stack cyber insurance carrier with full-spectrum cyber operations capabilities to bring our customers a safer and more secure working world.

If you’re reading this, then you’re probably looking for a new adventure. But how about a new perspective? If impact is your goal, then join us and find out what you’re worth when a single conversation can avert a significant ransomware incident and save a small business from having their lights turned out permanently. 

Role Overview:

The Cyber Advisor for the Post-Cyber Event Hardening service is essential in helping customers enhance their security posture following a cyber event. This role bridges the gap between recovery and long-term resilience by implementing and optimizing technical security controls directly within the customer's environment to minimize future risk.

Engagement-Based Responsibilities:

Assessment & Prioritization

Conduct targeted reviews of the insured’s environment to identify security control gaps

Analyze and prioritize system weaknesses across cloud and on-premise infrastructure to focus remediation on the highest-risk areas

Implementation & Hardening

Deploy security improvements, including advanced endpoint protection, email security tools, and modern network access controls

Integrate zero-trust principles and robust identity protections to ensure resilient access management

Execute technical hardening measures to eliminate common attack vectors and secure critical infrastructure components

Apply technical remediations to align the environment with At-Bay’s security standards

Strategic Resilience & Advisory

Achieve a demonstrably stronger security posture for the insured than existed prior to the cyber event

Translate technical improvements into strategic business value, helping the insured build a sustainable culture of security

Internal Responsibilities:

Security Product & Tooling Evolution

Continuously evaluate and update technical “betterment” playbooks and toolsets to stay ahead of evolving threat actor tactics

Test and vet new security solutions to ensure the service utilizes the most effective and reliable technologies available

Cross-Functional Intelligence Sharing

Provide anonymized insights from engagements to help internal teams refine risk models and security requirements

Collaborate with internal teams to align technical remediation efforts with policy standards and emerging insurance trends

Knowledge Leadership & Training

Act as a subject matter expert for the broader security and insurance teams on the "what and how" of modern infrastructure hardening

Create internal anonymized post-mortems to demonstrate the ROI of the service and highlight successful security transformations

Continuous Threat Research

Stay current on the threat landscape to ensure hardening steps remain effective against the latest attack vectors

How you’ll make an impact: 

By 3 months...

Gain a deep understanding of At-Bay’s business—specifically how our insurance products, distribution, and technology stack integrate with the Post-Cyber Event Hardening service to serve our customers

Execute targeted assessments and become proficient in analyzing security toolsets to identify security control gaps and deliver tailored, high-impact risk mitigation strategies

Establish the collaborative relationships necessary to drive success across multiple teams, including Underwriting, Claims, and MDR

Establish a confident communication style with customers, guiding them through technical remediation steps and advising them on achieving a measurably stronger security posture

By 6 months...

Contribute to the refinement and scalability of the Post-Cyber Event Hardening service by updating technical "betterment" playbooks and vetting new security solutions

Serve as the technical lead for cybersecurity engagements, providing expert guidance throughout the hardening phase and delivering comprehensive, actionable reports

Successfully bridge the gap between complex technical fixes and strategic business value, helping insureds build a sustainable culture of security

Participate in strategic discussions and initiatives that leverage your field insights to shape the future of At-Bay’s cybersecurity service roadmap

What you’ve accomplished already:

Proven experience in security hardening, including security control implementation and optimization across diverse, complex environments

Deep technical knowledge in deploying and configuring Endpoint Detection and Response (EDR/MDR), Identity and Access Management (IAM), and Email Security solutions

Extensive experience implementing Multi-Factor Authentication (MFA) and Active Directory/Entra ID security improvements

Expertise in securing network architectures, including firewall remediation, VPN, ZTNA, SASE, and cloud environment hardening (Azure, AWS, or GCP)

Excellent communication skills with the ability to guide customers through technical remediation steps during high-stress, post-event periods

Proven ability to identify and categorize security control gaps, providing tailored recommendations and applying rapid, high-impact remediations

A collaborative mindset with the ability to work effectively alongside internal and external teams to achieve technical remediation

Experience collecting and analyzing data from various security tools to drive informed risk management decisions and proactive defense strategies

Proven track record of delivering insights on emerging cyber threats and translating them into proactive defensive measures