Organizations across industries are engaged in an unwanted struggle against multiple and unexpected adversaries – ranging from organized crime rings to nation states and terrorist groups, as well as disgruntled employees and online vigilantes.

It only takes one successful attack to devastate a company’s financial performance, brand, and reputation. And in this current cyber climate, it’s not if an attack will happen, but when. Resilient companies recognize this new normal and stay one step ahead to protect themselves, their customers, partners and vendors against devastating attacks. This is where you come in.

Come join us!

The Stroz Friedberg Cyber Associate Program (in the US or UK) is a 9-month rotational program, beginning in September, where you will be immersed in our cyber resilience and digital forensics businesses, learning skills in the key areas of information security: digital forensics; pen testing; intellectual property and trade secret protection; incident response (i.e. reactively working with an organization in response to a cyber attack); and security science (i.e. proactively identifying vulnerabilities and defending an organization from adversaries).

Your work will support our goal to maximize the health of an organization, ensuring its longevity, protection, and resilience.

Enjoy the benefits of a full-time job, with the opportunity for exploration and flexibility.

This full-time position with a competitive salary and benefits also provides you with a rare opportunity to experience working in three specializations before deciding where to commit. Associates work side-by-side with our existing employees, across our global offices, gaining exposure to client-facing assignments in each discipline:

  • Digital Forensics
    • Recover, preserve, and analyze digital evidence in one of our 12 cutting-edge forensic laboratories
    • Uncover computer-enabled theft, leaks of confidential business information or intellectual property, mass or targeted deletions and work on other interesting client cases
    • Apply forensic analysis techniques to reconstruct events on computers and phones and surface evidence in civil and criminal investigations
    • Perform source code or EE analysis in support of patent and intellectual property disputes
  • Incident Response
    • Respond to data breaches, APT attacks, cyber extortion, malicious code, botnets, economic espionage, ransomware and other cyber incidents
    • Proactively hunt for indicators of compromise and other malicious activity and vulnerabilities within an environment, and analyze irregular network traffic
    • Understand methods used by criminals and employ this knowledge to help guide investigations and implement preventative solutions
  • Security Science
    • Monitor environments to identify and prioritize threats from cyber criminals
    • Perform technical, information, application, and physical security risk assessments
    • Conduct cyber threat simulations and recommend solutions to secure vulnerabilities

Boost your professional and technical skill set with valuable training and certifications.

From the very beginning of the program you will be immersed in learning activities focused on boosting your business and client management skills, and equipping you with technical qualifications. The program kicks off with a two-week group training and orientation, including soft skills immersion, team building, technical exercises, and a SANS FOR408: Windows Forensic Analysis course, which will prepare you to qualify as a GIAC Certified Forensic Examiner shortly afterwards.

Later on in the program, you will complete another SANS course, SEC504: Hacker Tools, Techniques, Exploits and Incident Handling, leading to completing the GIAC Certified Incident Handler qualification.

Whether you are working with leading tools and technology in our digital forensics labs, delving into cryptology, testing an application before it goes to market, or responding to a suspected data breach,

Learn from mentors with deep subject matter expertise, while working across a variety of technical environments and enterprise networks.

You will learn from managers and colleagues with robust technical and legal backgrounds, many of whom contributed directly to developing the foundations of the practice of cyber-focused law enforcement.

You will also be exposed to a wide variety of technical environments and enterprise networks, working alongside our experienced technologists, who have deep scientific roots. We are elite forensic analysts, computer scientists, malware reverse engineers, Certified Information Systems Security Professionals, and Information Privacy Professionals. We are ISO 27001 (Cyber) certified across multiple service lines (cyber resilience and digital forensics) in seven U.S. cities and the UK, where we have also obtained Cyber Essentials certification. Additionally via our Gotham Digital Science subsidiaries, we are certified to offer the industry leading CREST (the Council of Registered Ethical Security Testers), STAR (Simulated Target Attack and Response), and CBEST cybersecurity testing services.

Our clients span industry sectors including energy, auto, finance, government, healthcare, retail, and even entertainment. One day you may be chasing malicious hackers through a client’s network and the next day analyzing messaging apps on an iPhone. The rotational program affords broad exposure to a wide range of real-world security situations.

Our culture

The size of our organization means each team member, including every associate in our program, plays an integral role in our success. It also allows each individual to gain real on-the-job experience and prepare themselves to step into leadership roles. What’s more, because risk management is our company-wide focus, not a department, all of your contributions are central to our practice.

This is not an internship

Once you join us for the rotational program, you’re part of Stroz Friedberg. Upon completing the program, it’s expected that you will be assigned a permanent role in one of our cyber disciplines, based on your preferences, your managers’ assessments, and the firm’s business needs.

By the end of the rotational program, you should be fully prepared for success – whether your work involves application security, pen testing, digital forensics, networking, incident response, or elsewhere.

We are looking for our future leaders – your advancement in the business signals the success of our program.

We’re excited to meet you!

At this time, applications are no longer being accepted for our US and UK Cyber Associate Program. Please check our Careers page for current employment opportunities.

hr_cyber_associate_program_infographic_us_web_ready-jpg

Click the infographic above to see the Cyber Associate Program trajectory