Job Overview
Join our esteemed Enterprise Security Services team as a Manager of Cyber Assessment, where you will play a pivotal role in fortifying our information security landscape through your expertise and leadership in risk assessments. This remote position offers an exciting opportunity to contribute significantly to our mission while collaborating with talented professionals in a supportive and dynamic environment.
Key Responsibilities
- Perform detailed information security risk assessments for technology initiatives, employing both industry-standard and firm-specific frameworks.
- Conduct assessments through various methods including vendor evaluations, defining security requirements, facilitating security testing, and managing residual risks.
- Utilize diverse assessment methodologies to evaluate security controls comprehensively.
- Advise project teams on alternative control measures when security standards are not met.
- Serve as the main point of contact between IT project teams and Cyber Security departments, ensuring alignment of security resources with project goals.
- Review evidence to close corrective action plans effectively and confirm that they fulfill control objectives.
- Remain abreast of the latest trends, tools, and techniques in security assessments while maintaining organized evidence.
- Execute vendor security assessments, scrutinizing vendor controls and enhancing security processes.
- Communicate and coordinate remediation plans with vendors and IT teams, suggesting mitigating controls as needed.
- Collaborate with IT and business representatives to ensure project priorities align with IT Risk and Security resource planning.
- Act as a subject matter expert in key IT security domains, including access control and monitoring.
- Oversee smaller projects, manage timelines, and influence staffing decisions while providing mentorship to junior staff.
Required Skills
- Proficient in cyber security risk assessments and control reviews with a strong grasp of frameworks such as NIST 800-53, NIST 800-171, FedRAMP, or CMMC.
- Familiarity with control frameworks including NIST, ISO, HITRUST, and PCI.
- Solid understanding of security principles, IT security controls, and both network and cloud security concepts.
- Hands-on experience with penetration testing and scanning tools, including Qualys, Nessus, Metasploit, and Burp.
- Strong analytical, problem-solving, and communication abilities; capable of mentoring and positively influencing junior team members.
Qualifications
- A minimum of five years of recent experience in cyber security risk assessments and control reviews.
- Preferred: A bachelor's degree from an accredited institution; certifications such as CISSP or CISA are advantageous, along with CEH, GPEN, OSCP, or OSCE certifications.
Career Growth Opportunities
We are committed to fostering your professional development by providing opportunities for coaching and mentoring, ensuring that you can grow your skill set while contributing to impactful projects.
Company Culture And Values
Our vibrant culture prioritizes individual growth, inclusivity, and innovation, creating a supportive environment where every team member can thrive.
Compensation And Benefits
We offer a competitive salary alongside a comprehensive benefits package that includes medical and dental coverage, vision insurance, life and disability coverage, a 401(k) plan, and ample personal time off to maintain a healthy work-life balance.
Why Join Us
Become part of a recognized leader in audit, tax, and advisory services, where you can make a significant impact in a company celebrated for its excellent workplace culture and dedication to community support. If you are eager to shape your future and be part of a dynamic team, we encourage you to apply.
Employment Type: Full-Time