Cybersecurity Senior Manager
Grant Thornton (US), San Francisco, CA, United States
Job Description
The professionals in GT Advisors’ Cybersecurity practice help organizations build cybersecurity strategy into their overall business strategy. This includes supporting our clients to identify and understand their cyber risk exposure, design and implement cybersecurity programs and solutions to mitigate cyber threats and protect their assets, and respond to cyber‑attacks and incidents. GT Advisors’ Cybersecurity practice is in high‑demand and rapidly growing, offering a rewarding and challenging working environment and great career growth potential.
Role Responsibilities
Manage, lead, and perform cybersecurity assessments consisting of cybersecurity capability assessments, cyber threat and risk assessments, network and security architecture reviews, compliance and regulatory assessments, and system configuration reviews.
Manage, lead, and perform technical security testing, including cyber‑attack simulations and threat and vulnerability assessments.
Manage and support cybersecurity incident response readiness activities, including tabletop exercises and evaluations of incident response capabilities.
Lead practice and business development activities as well as client pursuit opportunities.
Support evaluating and establishing organizational cybersecurity strategies and cybersecurity programs.
Support cybersecurity risk and control remediation and security control implementation activities.
Develop strategic recommendations and consultative guidance for clients to help mature their cybersecurity programs, technology, processes and capabilities.
Manage assigned client engagements from start to finish, which includes engagement planning, fieldwork execution and reporting.
Manage and oversee client engagement delivery teams and perform quality review.
Remain current and apply knowledge of cybersecurity trends and risks.
Communicate and collaborate externally with clients and internally with all levels of the organization to successfully accomplish objectives portraying knowledge and confidence.
Proactively interact with key client management to gather information, resolve problems, and make recommendations for improvements.
Develop and manage client relationships with the intention to exceed client expectations.
Adhere to the highest degree of professional standards and strict client confidentiality.
Participate in professional development activities and training sessions on regular basis.
Other duties as assigned.
Qualifications
Bachelor's degree in Information Technology, Cybersecurity, Computer Science or a related field is required.
CISSP, CISM, ISACA, CRISC, cloud security (e.g., AZ‑500, AWS Certified Security, Google Cloud Professional Architect / Security Engineer) or other related certifications required.
10+ years of related cybersecurity experience in a similar consulting practice or function.
Experience leading and managing one or more of the overarching areas below:
Assessing cybersecurity programs and capabilities against industry leading frameworks (e.g., NIST CSF, CRI Profile) and compliance and regulatory requirements.
Reviewing security architecture deployments and assessing and/or implementing secure configurations for network and infrastructure (including both on‑premises and cloud environments).
Performing cybersecurity threat and risk assessments.
Supporting cybersecurity program remediation activities.
Supporting cybersecurity compliance and regulatory remediation workstreams.
Supporting implementation and evaluation of zero trust architecture principles.
Supporting artificial intelligence (AI) security testing and assessments.
Assessing and/or implementing security solutions and controls across both on‑premises and cloud network environments.
Working knowledge of cybersecurity industry leading practices and frameworks, such as NIST CSF, CRI Profile, ISO 27001/2, NYS DFS 500, OWASP, MITRE ATT&CK.
Familiarity with common cyber event detection and threat and vulnerability management security solutions.
Strong project management skills and the ability to manage multiple engagements and competing priorities in a rapidly growing, fast‑paced, interactive, results‑based team environment.
Experience with practice development and client pursuit activities.
Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships.
Excellent analytical, organizational and project management skills.
Can travel as needed.
Salary Base salary range for this position in Los Angeles, San Francisco, & San Jose, CA only is between $202,500 and $337,500.
Equal Employment Opportunity It is the policy of Grant Thornton to promote equal employment opportunities. All personnel decisions (including, but not limited to, recruiting, hiring, training, working conditions, promotion, transfer, compensation, benefits, evaluations, and termination) are made without regard to race, color, religion, national origin, sex, age, marital or civil union status, pregnancy or pregnancy‑related condition, sexual orientation, gender identity or expression, citizenship status, veteran status, disability, handicap, genetic predisposition or any other characteristic protected by applicable federal, state, or local law. Consistent with the Americans with Disabilities Act (ADA) and applicable state and local laws, it is the policy of Grant Thornton LLP to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to all aspects of employment, including the application process. To make an accommodation request, please contact HRHelp@us.gt.com. For Los Angeles Applicants only: We will consider for employment all qualified Applicants, including those with Criminal Histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance. For Massachusetts Applicants only: It is unlawful in Massachusetts to require or administer a lie detector test as condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Gran Thornton does not require or administer lie detector tests as a condition of employments or continued employment.
#J-18808-Ljbffr
Role Responsibilities
Manage, lead, and perform cybersecurity assessments consisting of cybersecurity capability assessments, cyber threat and risk assessments, network and security architecture reviews, compliance and regulatory assessments, and system configuration reviews.
Manage, lead, and perform technical security testing, including cyber‑attack simulations and threat and vulnerability assessments.
Manage and support cybersecurity incident response readiness activities, including tabletop exercises and evaluations of incident response capabilities.
Lead practice and business development activities as well as client pursuit opportunities.
Support evaluating and establishing organizational cybersecurity strategies and cybersecurity programs.
Support cybersecurity risk and control remediation and security control implementation activities.
Develop strategic recommendations and consultative guidance for clients to help mature their cybersecurity programs, technology, processes and capabilities.
Manage assigned client engagements from start to finish, which includes engagement planning, fieldwork execution and reporting.
Manage and oversee client engagement delivery teams and perform quality review.
Remain current and apply knowledge of cybersecurity trends and risks.
Communicate and collaborate externally with clients and internally with all levels of the organization to successfully accomplish objectives portraying knowledge and confidence.
Proactively interact with key client management to gather information, resolve problems, and make recommendations for improvements.
Develop and manage client relationships with the intention to exceed client expectations.
Adhere to the highest degree of professional standards and strict client confidentiality.
Participate in professional development activities and training sessions on regular basis.
Other duties as assigned.
Qualifications
Bachelor's degree in Information Technology, Cybersecurity, Computer Science or a related field is required.
CISSP, CISM, ISACA, CRISC, cloud security (e.g., AZ‑500, AWS Certified Security, Google Cloud Professional Architect / Security Engineer) or other related certifications required.
10+ years of related cybersecurity experience in a similar consulting practice or function.
Experience leading and managing one or more of the overarching areas below:
Assessing cybersecurity programs and capabilities against industry leading frameworks (e.g., NIST CSF, CRI Profile) and compliance and regulatory requirements.
Reviewing security architecture deployments and assessing and/or implementing secure configurations for network and infrastructure (including both on‑premises and cloud environments).
Performing cybersecurity threat and risk assessments.
Supporting cybersecurity program remediation activities.
Supporting cybersecurity compliance and regulatory remediation workstreams.
Supporting implementation and evaluation of zero trust architecture principles.
Supporting artificial intelligence (AI) security testing and assessments.
Assessing and/or implementing security solutions and controls across both on‑premises and cloud network environments.
Working knowledge of cybersecurity industry leading practices and frameworks, such as NIST CSF, CRI Profile, ISO 27001/2, NYS DFS 500, OWASP, MITRE ATT&CK.
Familiarity with common cyber event detection and threat and vulnerability management security solutions.
Strong project management skills and the ability to manage multiple engagements and competing priorities in a rapidly growing, fast‑paced, interactive, results‑based team environment.
Experience with practice development and client pursuit activities.
Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships.
Excellent analytical, organizational and project management skills.
Can travel as needed.
Salary Base salary range for this position in Los Angeles, San Francisco, & San Jose, CA only is between $202,500 and $337,500.
Equal Employment Opportunity It is the policy of Grant Thornton to promote equal employment opportunities. All personnel decisions (including, but not limited to, recruiting, hiring, training, working conditions, promotion, transfer, compensation, benefits, evaluations, and termination) are made without regard to race, color, religion, national origin, sex, age, marital or civil union status, pregnancy or pregnancy‑related condition, sexual orientation, gender identity or expression, citizenship status, veteran status, disability, handicap, genetic predisposition or any other characteristic protected by applicable federal, state, or local law. Consistent with the Americans with Disabilities Act (ADA) and applicable state and local laws, it is the policy of Grant Thornton LLP to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to all aspects of employment, including the application process. To make an accommodation request, please contact HRHelp@us.gt.com. For Los Angeles Applicants only: We will consider for employment all qualified Applicants, including those with Criminal Histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles’ Fair Chance Initiative for Hiring Ordinance. For Massachusetts Applicants only: It is unlawful in Massachusetts to require or administer a lie detector test as condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. Gran Thornton does not require or administer lie detector tests as a condition of employments or continued employment.
#J-18808-Ljbffr