It only takes one successful attack to devastate a company’s financial performance, brand — and reputation. And in the current cyber climate, it’s not a case of if an attack will happen, but when. Resilient companies recognise this new normal and stay one step ahead to protect themselves, their customers, partners and vendors against devastating attacks. That’s where you come in.
Aon’s cyber solutions cyber associate programme is a twelve-month rotational programme, running from September each year. We immerse our graduates in projects covering all key areas of information security, including:
- Digital forensics and investigations
- Penetration testing
- Incident response (reactively working with an organisation in response to a cyber attack)
- eDiscovery (helping companies interrogate data for key information and facts, or make disclosures)
- Proactive security (spotting vulnerabilities and defending organisations against adversaries)
You’ll have exposure to several other areas of our business, to give you a holistic understanding of Aon. We’ll also give you the chance to work on a range of real-world security situations. One day you might be chasing malicious hackers through a client’s network; the next, analysing messaging apps on an iPhone. Our clients span all sorts of industries too, including financial services, healthcare, retail, hospitality, technology and communications, entertainment and more.
When joining us for the graduate programme, you’ll become a vital part of Aon’s cyber solutions team. What’s more, once you’ve completed the programme, it’s expected that you’ll be assigned a permanent role with us.
Your work with us:
Our graduate programme gives you the rare chance to work across four specialisations before deciding where you want to grow your career. Our graduates work side-by-side with our existing employees across our global offices.
You’ll work across a range of client services, including:
Investigations and response: digital forensics and incident response, eDiscovery and intelligence
- Recover, preserve and analyse digital evidence in one of our twelve cutting-edge forensic laboratories
- Uncover computer-enabled theft, leaks of confidential business information, mass or targeted deletions
- Apply forensic analysis techniques to reconstruct events on computers and phones, and surface evidence in civil and criminal investigations
- Respond to data breaches, APT attacks, cyber extortion, malicious code, botnets, economic espionage, ransomware and other cyber incidents
- Hunt for indicators of compromise and other malicious activity and vulnerabilities within an environment, and analyse irregular network traffic
- Understand methods used by criminals, using this knowledge to help guide investigations and put preventative solutions in place
- Process large and/or complex data sets to extract their content and file information, to make the data searchable and reviewable in depth and at scale
- Identify, collect and produce electronic data to support a variety of court cases
Proactive security advisory and penetration testing
- Monitor environments to identify and prioritise threats from cyber criminals
- Perform technical, information, application and physical security risk assessments
- Conduct cyber threat simulations and recommend solutions to secure vulnerabilities
- Perform penetration testing on web and mobile applications, as well as network penetration testing (external and internal) to include vulnerability exploitation and pivoting to gain remote system access
- Conduct application source code review Complete vulnerability research and exploit development
Training and certification
From the very start of the programme, you’ll be immersed in learning activities that’ll boost your business and client management skills and equip you with technical qualifications.
The graduate programme kicks off with a one-week group training and orientation, including soft skills immersion, team building and technical exercises. You’ll complete courses and labs during the programme, and go through on-the-job training too. This might include working with leading tools and technology in our digital forensics labs, delving into cryptology, testing an application before it goes to market or responding to a suspected data breach.
Throughout your time at Aon, you’ll also gain valuable information security certifications such as GIAC Certified Forensic Examiner and CREST Practitioner Security Analyst.
While working across a variety of technical environments and enterprise networks, you’ll learn from mentors, managers and colleagues with robust technical and legal backgrounds — plus, many of them have helped to develop the foundations of cyber-focused law enforcement.
You’ll be exposed to a range of technical environments and enterprise networks working alongside our experienced technologists. Our teams include:
- Elite forensic analysts
- Computer scientists
- Malware reverse engineers
- Certified information systems security professionals
- Information privacy professionals
We’re ISO 27001 (Cyber) certified across multiple service lines (cyber resilience and digital forensics) in seven US cities and the UK, where we’ve also obtained Cyber Essentials certification. Plus, we are certified to offer the industry leading CREST (the Council of Registered Ethical Security Testers), STAR (Simulated Target Attack and Response), and CBEST cyber security testing services. We’ll provide in-depth training and support for all our graduates as they learn about these elements of our business.
After the programme, what’s next?
By the end of the programme, you should be set for success — whether you’re working in application security, pen testing, digital forensics, networking, incident response or elsewhere. We’ll place you in one of our lines of business:
- Investigations and response
- Security advisory
- Security testing
There, you’ll have the chance to grow your career in our consulting, client management or business development sectors alongside mentors and talented colleagues. We’re looking for Aon’s future leaders, so we’ll make sure you have everything you need to rise through the ranks and enjoy a challenging, fulfilling career.
- A minimum of a 2:1 degree or equivalent in a STEM subject (Science, Technology, Engineering and Mathematics)
- An interest in cyber security
- Excellent problem-solving skills
- Effective communication skills for our client-facing work