IT Audit, Risk and Cybersecurity - Senior Associate
CohnReznick, Parsippany, New Jersey, us, 07054
IT Audit, Risk and Cybersecurity - Senior Associate
Opportunity ID
9266
Department
Advisory
Location(s)
Parsippany
State
New Jersey
Function
Risk Advisory
Job Description
As CohnReznick grows, so do our career opportunities. As one of the nation's top professional services firms, CohnReznick creates rewarding careers in advisory, assurance, and tax with team members who value innovation and collaboration in everything they do!
CohnReznick helps organizations optimize performance, manage risk, and maximize value through CohnReznick LLP (assurance services) and CohnReznick Advisory LLC (advisory and tax services). Together, the firm provides leaders with deep industry knowledge and relationships, solutions to address clients' unique business goals and risks, and insight on how emerging market forces can drive opportunity. With offices nationwide, the firm serves organizations around the world as an independent member of Nexia.
We currently have an exciting career opportunity for a
Senior Associate
to join the
IT Audit and Cybersecurity (CMMC)
team in our
Risk Advisory
practice.
CohnReznick is a hybrid firm and most of our professionals are located within a commutable distance to one of our offices. This position is considered hybrid which means team members are expected to be thoughtful and intentional in how they create opportunities for in-person collaboration. While the cadence of in-office presence is determined at the team level, our professionals are encouraged to be in the office/together in person on average 3 days a week.
YOUR TEAM.
Join a diverse team of fun-loving, energetic professionals with decades of experience managing security, technology, and privacy risks in nearly every industry sector who have a passion for creating tailored solutions that go beyond technology offerings or tools and help clients reduce cost of compliance while mitigating risks.
WHY COHNREZNICK?
At CohnReznick, we're united by a common mission to create opportunity, value, and trust for our clients, our people, and our communities. Whether it's working alongside your peers to solve a client challenge, or volunteering together at the local food bank, there are so many ways to find your "why" at the firm.
We believe it's important to balance work with everyday life - and make time for enjoyment and fun. We invest in a robust Total Rewards package that includes everything from generous PTO, a flexible work environment, expanded parental leave, extensive learning & development, and even paid time off for employees to volunteer.
OUR ROLE.
Responsibilities include but not limited to:
The Senior Consultant will support and lead the execution of IT audit, IT risk management, and cybersecurity assessment engagements for a diverse client base, including organizations subject to regulatory, contractual, and federal cybersecurity requirements. This role will play a key part in performing risk-based IT audits, cyber maturity and compliance assessments, and advisory services.
The Senior Consultant is expected to work independently on assigned areas, contribute to client deliverables, mentor junior staff, and collaborate closely with Managers and Partners to deliver high-quality, practical solutions. .
IT Audit & IT Risk Execute and support risk-based IT audits and IT risk assessments, including evaluation of IT general controls (ITGCs), automated application controls, and key technology-enabled business processes. Assess control design and operating effectiveness across domains such as access management, change management, system development lifecycle (SDLC), incident response, and vendor management. Support SOX-relevant IT controls testing, internal audit co-sourcing, and other compliance-driven engagements as applicable. Identify control gaps, assess risk impact, and develop clear, actionable recommendations for remediation. Cybersecurity & CMMC Assessments
Perform cybersecurity assessments and readiness reviews aligned to CMMC, NIST SP 800-171, NIST CSF, ISO27001, and other recognized frameworks. Support or lead CMMC gap assessments, readiness assessments, and advisory activities for organizations in the Defense Industrial Base (DIB). Assist in evidence collection, validation, and analysis for cybersecurity and compliance assessments. Contribute to development of client deliverables, including assessment reports, risk summaries, and management presentations. Client Delivery & Engagement Support
Serve as a day-to-day engagement team member, managing assigned workstreams and coordinating with team members and client stakeholders. Simultaneously serve multiple engagements while maintaining high quality standards Work with clients in a broad array of industries including information technology, financial services, retail & consumer products, pharmaceuticals, electronics, manufacturing, media, and government contracting etc. Facilitate client interviews and walkthroughs to understand IT environments, security controls, and operational processes. Ensure workpapers and deliverables meet quality, consistency, and documentation standards. Understand clients' organizations and provide value-added solutions and best practices Identify emerging risks, trends, and improvement opportunities for clients. Team Collaboration & Development
Mentor and review work performed by Consultants and Analysts. Share knowledge and best practices related to IT audit, cybersecurity, and CMMC requirements. Contribute to internal methodology development, tools, and training initiatives. YOUR EXPERIENCE.
The successful candidate will have:
Bachelor's degree in Information Systems, Computer Science, Accounting, Cybersecurity, or a related field. 4+ years of relevant experience in IT audit, IT risk, cybersecurity, or technology advisory roles. Hands-on experience performing IT audits, IT risk assessments, or cybersecurity assessments. Strong understanding of internal controls, risk management concepts, and common cybersecurity frameworks. Background and understanding of the risks and controls in technologies such as web, cloud, client/server, open systems architecture, data warehousing, and imaging Proficient understanding of cloud security, Identity and Access Management, ERP, Operating Systems, Databases, and Network Infrastructure components Knowledge of risk and controls related to emerging technologies such as AI, blockchain, and automation. Working knowledge of Cloud Security Framework, General Data Protection Requirement (GDPR), COBIT 5, ISO 27001/2, HIPAA, California Consumer Protection Act (CCPA), NIST 800-171/800-53/NIST 800-37 Excellent written and verbal communication skills, with the ability to explain technical concepts to non-technical audiences. Ability to manage multiple priorities and work effectively in a client-facing consulting environment. Participate in business development activities such as proposal writing, professional networking, and thought leadership development Certified Information Systems Auditor (CISA) - strongly preferred. Certified CMMC Assessor (CCA) or active progress toward CMMC Assessor certification - strongly preferred. Additional certifications a plus, such as: Experience supporting federal, government contractor, or regulated industry clients. Ability to work onsite 3 days per week, and travel up to 50% (domestic and international)
In addition, please take a moment to review our
Studies have shown that we are less likely to apply to jobs unless we meet every single qualification. At CohnReznick, we are dedicated to building a diverse, equitable, and inclusive workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we still encourage you to apply. You may be just the right candidate for this or one of our other roles.
In
New Jersey , the salary range for a
Senior Associate
is
$85,000 to $140,000 . Salary is one component of the CohnReznick total rewards package, which includes a discretionary performance bonus, generous paid time off, expanded, and inclusive parental benefits, and access to best-in-class learning and development platforms, to name a few. To learn more about life at CohnReznick, visit
.
"CohnReznick" is the brand name under which CohnReznick LLP and CohnReznick Advisory LLC and their respective subsidiaries provide professional services. CohnReznick LLP and CohnReznick Advisory LLC (and their respective subsidiaries) practice in an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable law, regulations, and professional standards. CohnReznick LLP is a licensed CPA firm that provides attest services to its clients. CohnReznick Advisory LLC provides tax and business consulting services to its clients. CohnReznick Advisory LLC and its subsidiaries are not licensed CPA firms.
CohnReznick is an equal opportunity employer, committed to a diverse and inclusive team to drive business results and create a better future every day for our team members, clients, partners, and communities. We believe a diverse workforce allows us to match our growth ambitions and drive inclusion across the business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability. For more information, please see
If you are an individual with a disability in need of assistance at any time during our recruitment process, please contact us at Please note: This email address is reserved for individuals with disabilities in need of assistance and are not a means of inquiry about positions or application statuses.
CohnReznick does not accept unsolicited resumes from third-party recruiters unless such recruiters are currently engaged by CohnReznick Talent Acquisition Team by way of a written agreement to provide candidates for a specified opening. Any employment agency, person or entity that submits an unsolicited resume does so with the understanding that CohnReznick will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person or entity.
#GD #LI-Hybrid
Opportunity ID
9266
Department
Advisory
Location(s)
Parsippany
State
New Jersey
Function
Risk Advisory
Job Description
As CohnReznick grows, so do our career opportunities. As one of the nation's top professional services firms, CohnReznick creates rewarding careers in advisory, assurance, and tax with team members who value innovation and collaboration in everything they do!
CohnReznick helps organizations optimize performance, manage risk, and maximize value through CohnReznick LLP (assurance services) and CohnReznick Advisory LLC (advisory and tax services). Together, the firm provides leaders with deep industry knowledge and relationships, solutions to address clients' unique business goals and risks, and insight on how emerging market forces can drive opportunity. With offices nationwide, the firm serves organizations around the world as an independent member of Nexia.
We currently have an exciting career opportunity for a
Senior Associate
to join the
IT Audit and Cybersecurity (CMMC)
team in our
Risk Advisory
practice.
CohnReznick is a hybrid firm and most of our professionals are located within a commutable distance to one of our offices. This position is considered hybrid which means team members are expected to be thoughtful and intentional in how they create opportunities for in-person collaboration. While the cadence of in-office presence is determined at the team level, our professionals are encouraged to be in the office/together in person on average 3 days a week.
YOUR TEAM.
Join a diverse team of fun-loving, energetic professionals with decades of experience managing security, technology, and privacy risks in nearly every industry sector who have a passion for creating tailored solutions that go beyond technology offerings or tools and help clients reduce cost of compliance while mitigating risks.
WHY COHNREZNICK?
At CohnReznick, we're united by a common mission to create opportunity, value, and trust for our clients, our people, and our communities. Whether it's working alongside your peers to solve a client challenge, or volunteering together at the local food bank, there are so many ways to find your "why" at the firm.
We believe it's important to balance work with everyday life - and make time for enjoyment and fun. We invest in a robust Total Rewards package that includes everything from generous PTO, a flexible work environment, expanded parental leave, extensive learning & development, and even paid time off for employees to volunteer.
OUR ROLE.
Responsibilities include but not limited to:
The Senior Consultant will support and lead the execution of IT audit, IT risk management, and cybersecurity assessment engagements for a diverse client base, including organizations subject to regulatory, contractual, and federal cybersecurity requirements. This role will play a key part in performing risk-based IT audits, cyber maturity and compliance assessments, and advisory services.
The Senior Consultant is expected to work independently on assigned areas, contribute to client deliverables, mentor junior staff, and collaborate closely with Managers and Partners to deliver high-quality, practical solutions. .
IT Audit & IT Risk Execute and support risk-based IT audits and IT risk assessments, including evaluation of IT general controls (ITGCs), automated application controls, and key technology-enabled business processes. Assess control design and operating effectiveness across domains such as access management, change management, system development lifecycle (SDLC), incident response, and vendor management. Support SOX-relevant IT controls testing, internal audit co-sourcing, and other compliance-driven engagements as applicable. Identify control gaps, assess risk impact, and develop clear, actionable recommendations for remediation. Cybersecurity & CMMC Assessments
Perform cybersecurity assessments and readiness reviews aligned to CMMC, NIST SP 800-171, NIST CSF, ISO27001, and other recognized frameworks. Support or lead CMMC gap assessments, readiness assessments, and advisory activities for organizations in the Defense Industrial Base (DIB). Assist in evidence collection, validation, and analysis for cybersecurity and compliance assessments. Contribute to development of client deliverables, including assessment reports, risk summaries, and management presentations. Client Delivery & Engagement Support
Serve as a day-to-day engagement team member, managing assigned workstreams and coordinating with team members and client stakeholders. Simultaneously serve multiple engagements while maintaining high quality standards Work with clients in a broad array of industries including information technology, financial services, retail & consumer products, pharmaceuticals, electronics, manufacturing, media, and government contracting etc. Facilitate client interviews and walkthroughs to understand IT environments, security controls, and operational processes. Ensure workpapers and deliverables meet quality, consistency, and documentation standards. Understand clients' organizations and provide value-added solutions and best practices Identify emerging risks, trends, and improvement opportunities for clients. Team Collaboration & Development
Mentor and review work performed by Consultants and Analysts. Share knowledge and best practices related to IT audit, cybersecurity, and CMMC requirements. Contribute to internal methodology development, tools, and training initiatives. YOUR EXPERIENCE.
The successful candidate will have:
Bachelor's degree in Information Systems, Computer Science, Accounting, Cybersecurity, or a related field. 4+ years of relevant experience in IT audit, IT risk, cybersecurity, or technology advisory roles. Hands-on experience performing IT audits, IT risk assessments, or cybersecurity assessments. Strong understanding of internal controls, risk management concepts, and common cybersecurity frameworks. Background and understanding of the risks and controls in technologies such as web, cloud, client/server, open systems architecture, data warehousing, and imaging Proficient understanding of cloud security, Identity and Access Management, ERP, Operating Systems, Databases, and Network Infrastructure components Knowledge of risk and controls related to emerging technologies such as AI, blockchain, and automation. Working knowledge of Cloud Security Framework, General Data Protection Requirement (GDPR), COBIT 5, ISO 27001/2, HIPAA, California Consumer Protection Act (CCPA), NIST 800-171/800-53/NIST 800-37 Excellent written and verbal communication skills, with the ability to explain technical concepts to non-technical audiences. Ability to manage multiple priorities and work effectively in a client-facing consulting environment. Participate in business development activities such as proposal writing, professional networking, and thought leadership development Certified Information Systems Auditor (CISA) - strongly preferred. Certified CMMC Assessor (CCA) or active progress toward CMMC Assessor certification - strongly preferred. Additional certifications a plus, such as: Experience supporting federal, government contractor, or regulated industry clients. Ability to work onsite 3 days per week, and travel up to 50% (domestic and international)
In addition, please take a moment to review our
Studies have shown that we are less likely to apply to jobs unless we meet every single qualification. At CohnReznick, we are dedicated to building a diverse, equitable, and inclusive workplace, so if you're excited about this role but your experience doesn't align perfectly with every qualification in the job description, we still encourage you to apply. You may be just the right candidate for this or one of our other roles.
In
New Jersey , the salary range for a
Senior Associate
is
$85,000 to $140,000 . Salary is one component of the CohnReznick total rewards package, which includes a discretionary performance bonus, generous paid time off, expanded, and inclusive parental benefits, and access to best-in-class learning and development platforms, to name a few. To learn more about life at CohnReznick, visit
.
"CohnReznick" is the brand name under which CohnReznick LLP and CohnReznick Advisory LLC and their respective subsidiaries provide professional services. CohnReznick LLP and CohnReznick Advisory LLC (and their respective subsidiaries) practice in an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable law, regulations, and professional standards. CohnReznick LLP is a licensed CPA firm that provides attest services to its clients. CohnReznick Advisory LLC provides tax and business consulting services to its clients. CohnReznick Advisory LLC and its subsidiaries are not licensed CPA firms.
CohnReznick is an equal opportunity employer, committed to a diverse and inclusive team to drive business results and create a better future every day for our team members, clients, partners, and communities. We believe a diverse workforce allows us to match our growth ambitions and drive inclusion across the business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability. For more information, please see
If you are an individual with a disability in need of assistance at any time during our recruitment process, please contact us at Please note: This email address is reserved for individuals with disabilities in need of assistance and are not a means of inquiry about positions or application statuses.
CohnReznick does not accept unsolicited resumes from third-party recruiters unless such recruiters are currently engaged by CohnReznick Talent Acquisition Team by way of a written agreement to provide candidates for a specified opening. Any employment agency, person or entity that submits an unsolicited resume does so with the understanding that CohnReznick will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person or entity.
#GD #LI-Hybrid