Job Title: Manager, Cyber Assessment - Remote
Job Overview
Join our esteemed Enterprise Security Services team as a Manager, Cyber Assessment, where your expertise will play a pivotal role in reinforcing our commitment to exceptional audit, tax, and advisory services. This remote position offers a unique opportunity to engage in diverse responsibilities aimed at fortifying information security for a variety of technology projects.
Key Responsibilities
- Conduct thorough information security risk assessments utilizing industry-standard and firm-specific control frameworks.
- Implement assessments through methods such as vendor evaluations, definition of security requirements, and facilitation of security testing.
- Employ various assessment methodologies, including both active and passive testing techniques, to evaluate security controls effectively.
- Provide expert guidance to project teams on alternative compensating controls when security requirements are not fulfilled.
- Act as the primary liaison between IT project groups and Cyber Security teams to synchronize security resources and achieve project goals.
- Review and analyze evidence to finalize corrective action plans ensuring alignment with control objectives.
- Remain informed about the latest trends, tools, and techniques in security assessments.
- Conduct comprehensive vendor security assessments and develop corresponding security requirements.
- Communicate and monitor remediation strategies alongside vendors and IT teams, recommending appropriate controls as needed.
- Collaborate with representatives from IT and other business functions to align project priorities with IT Risk and Security resource planning.
- Serve as a subject matter expert in various domains of IT security, including access control and cryptography.
- Oversee small-scale projects, managing timelines and contributing to staffing decisions while mentoring junior members.
Required Skills
- Strong proficiency in cyber security risk assessments and control reviews based on frameworks such as NIST 800-53, NIST 800-171, FedRAMP, or CMMC.
- In-depth understanding of security principles, IT security controls, network security, and cloud security concepts.
- Practical experience with penetration testing and scanning tools such as Qualys, Nessus, Metasploit, and Burp is essential.
- Exceptional communication, analytical, and problem-solving skills, with the ability to mentor junior team members effectively.
Qualifications
- A minimum of five years of recent experience in cyber security risk assessments.
- A bachelor’s degree from an accredited institution is preferred; certifications such as CISSP or CISA are highly regarded.
- Familiarity with control frameworks like NIST, ISO, HITRUST, and PCI is advantageous.
Career Growth Opportunities
We are dedicated to fostering your professional development within a vibrant and inclusive work environment. By joining our team, you will have access to extensive networking avenues, skill enhancement initiatives, and exposure to industry-leading practices.
Company Culture And Values
We pride ourselves on a culture that champions individual growth, inclusivity, and innovation. Our organization is consistently recognized as one of the best places to work, reflecting our commitment to community support and employee well-being.
Compensation And Benefits
We offer a competitive salary complemented by a comprehensive benefits package that prioritizes your health and professional growth, including:
- Medical and dental plans
- Vision coverage
- Disability and life insurance
- 401(k) plans with company matching
- Personal time off and organizational breaks to promote work-life balance
Employment Type: Full-Time