Senior Associate- Cybersecurity & Privacy

Responsibilities

• Review and assess IT environments, risks, and controls for companies of all sizes and industries
• Collaborate with other team members to develop service proposals, project documentation and reports
• Thoughtfulness in client and team interactions and an ability to weigh issues and challenges
• Assist clients with Identity and Access Management practices including provisioning, roles and rules management, access management governance
• Use of Network security tools such as NMAP, Nessus, Metasploit, etc.
• Demonstrate a thorough understanding of complex information systems, cyber security concepts, cyber threats, proactive defense principles, strategies and market leading solutions
• Use and assess security device technologies such as Firewalls, VPN, IDS/IPS and Endpoint security
• Assist clients with Information Protection and Privacy (data protection strategy, privacy impact assessments)
• Participate in highly complex and specialized client engagements, reporting status and collaborating with Cybersecurity team members including: Manager, Associate Director, Director and Managing Director
• Review and execute information security strategies, cybersecurity programs and develop security metrics and reporting
• Work with project team on integration of security services, including authentication, entitlements, encryption security engineering, architecture and audit capabilities as part of an overall system design
• Build and maintain client relationships and stay current on industry trends
• Participate in project meetings, status updates, training sessions and other events as needed
• Learn new technologies and tools in order to keep skills updated and relevant to client’s needs
• Prioritize tasks and manage concurrent projects

Requirements

• Bachelor’s degree is required in a related field; Information Systems, Computer Science, Mathematics, Economics, Business, Finance or Accounting preferred
• Minimum of 3 years of Big 4 experience or related consulting/professional services firm experience with hands-on knowledge in IT consulting, with increasing responsibilities in Cybersecurity
• Security certification such as CISSP, GIAC, CISA, CIPP/US, CIPP/E, CIPT is an asset
• Excellent project management and organizational skills
• Knowledge of cyber security frameworks such as NIST Cybersecurity Framework ISO 27001 and ISO 27002, CIS Top 20, PCI-DSS
• Knowledge of Governance and Policy creation is an asset
• Knowledge of threat modeling methodologies such as MITRE Attack is a plus
• Ability to manage time according to budget while balancing team and client needs

Pay and Benefits

• 40-hour work week
• Training events to ensure CPE compliance
• Medical, Dental, Vision Plans
• 401(k) match
• PTO: 15 days accrued per year            
• Company paid holidays, including company shutdown the week between Christmas and New Years
• 3 wellness days
• Various opportunities for peer engagement: quarterly huddles, happy hours, summer and a holiday party
• Monthly mobile reimbursement
• Reimbursement allowances: flex, technology, health and wellness and personal development
• Fully stocked kitchen
• Base Pay $105,000 - $121,000          
• Overtime bonus and Performance bonus in addition to the base pay