Scaling Critical Cybersecurity Capabilities for a Fortune 500 Leader
How Gravity rapidly delivered specialized talent across multiple initiatives to transform security and risk management.
# of Employees: +/- 10,000+
Practice Area: Cyber Security
Project: Cyber Security & IT Risk Team Expansion
Our client is a $15B+ F250 company with >10,000 employees delivering services across multiple industries within the southeastern United States.
Our client made significant investments between 2017-2019 to mature its enterprise information & cyber security program and strategically position the cyber function to pro-actively anticipate and mitigate risk. Under the leadership of VP, Infrastructure & Cyber Security, Gravity was asked to assist on multiple security related efforts.
BUSINESS PROBLEM & OBJECTIVE
Our client embarked on a series of programs as part of its Cyber & IT Risk maturation strategy. Projects that required completion on the maturation roadmap included an IAM upgrade, CSOC expansion and GRC framework expansion/automation. Additional programs were required for Threat Detection, Incident Response improvements, creation of cyber policy/standards and security awareness marketing/training roll out. Cyber security integration for M&A transactions was also a high priority.
Gravity met extensively with leaders in the Security department to understand the roadmap & initiatives to effectively pipeline for the myriad of security professionals that would be needed to execute.
GRAVITY IT STAFFING – CYBERSECURITY & RISK
Gravity employed its IT Staffing – Cyber Security & IT Risk practice capability to build the project team to execute our client’s Cyber Security and IT Risk maturation program. Successful delivery of this program required the following SME resources:
- Program Manager, Cyber Security
- Senior IT Project Manager
- Senior Project Manager
- Scrum Master, Cyber Security
- Cyber Security Coordinator
- (3) Cyber Security Analysts
- Security Analyst
- Senior IT Business Systems Analyst
- (3) Business Analysts
- Security Business Analyst
- Senior IT Network Support Specialist
- Senior Java Developer
- Python Developer
Gravity used its “referral-driven” sourcing model and its recruiters aligned with (a) Cyber Security (b) Business Analysis (c) Agile/PMO skill sets to identify multiple, local resources to staff the project. Since many other enterprise level organizations within this geography were maturing cyber security programs, the Gravity referral program was a force multiplier to quickly identify top security talent. Gravity also partnered with a local university’s Cyber Security Bootcamp to pipeline recent college graduates with Cyber Security experience for our client’s Security and IT Risk teams. Gravity then executed its 5-step vetting process to present the best consultants for the open positions.
Gravity’s ability to quickly identify and vet quality security professionals provided the seed fuel for the security management team to move forward executing on departmental initiatives. Gravity successfully placed 17 consultants with our client’s security team and many of these consultants were later offered FTE roles. Gravity’s positive impact on our client’s security program included the following specific initiatives:
- Gravity assisted the IT Technology Manager, Cyber Tools with building out the IBM ISIM Identity and Access Management (IAM) application with a team of Business Analysts, Security Analysts and Java Developers. This tool was used to control access to our client’s internal system when new employees and contractors are onboarded and offboarded
- Gravity worked closely with Cyber Threat Defense Manager to provide a Python Developer to integrate our client’s threat intelligence platform and Cyber Security Operations Center (CSOC) platform.
- Gravity helped the Cybersecurity Operations and Incident Response Manager identify an incident response resource to staff the less attractive and difficult to fill 2nd shift [5pm – 1am (3 days/week, Mon – Fri ) + 8 hour shift on Saturday + 8 hour shift on Sunday]
- Assisted Senior IT Manager, Regulatory Compliance with Cyber Security programs by placing Project Managers and Business Systems Analysts with specific Security domain expertise.