Job Overview
We are seeking a talented Manager of Cyber Assessment to join our esteemed Enterprise Security Services team in a remote capacity. In this pivotal role, you will engage in key initiatives designed to strengthen and secure our information infrastructure, contributing to our reputation as a leader in audit, tax, and advisory services.
Key Responsibilities
- Conduct thorough information security risk evaluations for technology initiatives, leveraging both industry-standard and proprietary control frameworks.
- Execute assessments through diverse methodologies, including vendor evaluations and security requirement definitions.
- Guide project teams on alternative compensating controls when security criteria are not fulfilled.
- Serve as the principal liaison between IT project teams and Cyber Security divisions to align security resources with project goals and timelines.
- Analyze evidence to close out corrective action plans, ensuring compliance with defined control objectives.
- Keep abreast of the latest trends, tools, and techniques in security assessments to maintain effective evidence management.
- Oversee vendor security evaluations, enhancing processes and formulating security requirements as necessary.
- Collaborate with IT and business representatives to prioritize projects in alignment with IT Risk and Security planning.
- Act as a subject matter authority in various IT security domains, including access control and monitoring.
- Manage minor projects, oversee deadlines, and contribute to staffing strategies while mentoring junior colleagues.
Required Skills
- Demonstrated expertise in cyber security risk assessments and control examinations.
- Proficiency with frameworks such as NIST 800-53, NIST 800-171, FedRAMP, or CMMC.
- In-depth knowledge of security principles, IT security controls, and both network and cloud security.
- Practical experience with penetration testing and security scanning tools like Qualys, Nessus, Metasploit, and Burp.
- Strong analytical, communication, and problem-solving capabilities, with a proven ability to mentor less experienced team members.
Qualifications
- A minimum of five years of recent experience in performing cyber security risk assessments and control reviews.
- A bachelor's degree from an accredited institution is preferred; relevant certifications such as CISSP or CISA are advantageous, as are CEH, GPEN, OSCP, or OSCE.
- Familiarity with various assessment methodologies and control frameworks, including NIST, ISO, HITRUST, and PCI.
Career Growth Opportunities
Joining our organization offers a wealth of professional development prospects, including mentorship programs and pathways for career advancement.
Company Culture And Values
Our firm is renowned for fostering an inclusive, innovative, and supportive environment, consistently recognized as one of the best workplaces by leading industry publications. We are deeply committed to diversity and inclusion, ensuring equal opportunities for all applicants.
Compensation And Benefits
We offer a competitive salary accompanied by a comprehensive benefits package aimed at promoting your well-being and professional growth, including:
- Medical and dental plans
- Vision coverage
- Disability and life insurance
- 401(k) plans
- Generous personal time off and firmwide breaks to support work-life balance
How To Apply
If you are enthusiastic about this opportunity and meet the qualifications, we encourage you to apply promptly as we review applications on a rolling basis. We look forward to the possibility of welcoming you to our team.
Employment Type: Full-Time