Grant Thornton
Grant Thornton is a collaborative, entrepreneurial firm on the move! As part of a dynamic, global organization of more than 42,000 people serving clients in more than 120 countries, we have the agility and focus it takes to be a leader.
Grant Thornton’s Advisory professionals are progressive thinkers who create, protect and transform value today, so our clients have the opportunity to thrive and grow. Our advisory practice creates holistic solutions delivered by innovative, curious professionals who bring technical depth and industry insight to our clients.
Cyber Risk Senior Associate
As part of the Risk Advisory Practice, the Risk Technology services team supports all of the advisory functions that enable risk management solutions. Risk Technology solutions support Enterprise, Operational and Cyber risk solution capabilities with the development of technology frameworks, methodologies, intellectual property and technology platform implementation capabilities that drive efficiency and effectiveness resulting in better visibility into risks.
Grant Thornton’s Risk Technology capabilities include assisting clients with the evaluation, planning, designing, building, operation, integration and maintenance of various technology platforms. Capabilities will also include developing integrated solutions to drive better analytics, reporting and monitoring of risks.
The Risk Technology solutions Senior Associate will be an important thought leader and integral member of the advisory management team. The qualified applicant will be able to effectively apply risk enablement approaches and configure automated tools for clients across multiple industries and maturity levels.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
· Participating in the solution development process and ensuring that customer requests and needs are represented within the product
· Designing and deploying enterprise software solutions, including on-site implementations
· Assisting with performing technical and competitive analysis of RSA Archer solutions, including performance, debugging and other operational metrics.
· Familiarity with risk standards and models is preferred.
· Familiarity with Governance, Risk and Compliance platforms is preferred, especially RSA Archer
· Familiarity with Security Analytics is a plus
· Familiarity with Asset Management solutions is a plus
· Familiarity with risk reporting and dashboard solutions, including Business Intelligence platforms, is a plus
· Ability to communicate difficult subject matter in a clear and concise fashion is important.
· Ability to work with different delivery teams to support technology capabilities as part of larger projects is required.
· Ability to consider non-traditional approaches to solve traditional security challenges is important.
· Experience in offshore team- and capability-development is preferred.
· Communicate (verbally and in writing) externally with clients and internally with all levels of the organization to successfully accomplish objectives, portraying knowledge and confidence.
· Motivate others to perform at maximum efficiency without sacrificing quality of the services delivered.
· Maintain a good working relationship with clients and work effectively with client management and staff at all levels to gather information and perform services.
· Work closely with Grant Thornton managers and partners to promptly identify and resolve client problems or issues.
· Bachelor's degree in Cybersecurity, Information Technology, Computer Science or a related field is required.
· Two to six years of related work experience in a similar consulting practice or function, servicing cross-industry clients at a national level. This level of experience is required in one or more of the following areas:
o Vulnerability assessments, network penetration tests, wireless security assessments, web application security assessments, and social engineering activities. Hands-on working experience with commercial and open-source network and application security testing tools (e.g., Kali Linux, Nessus, Metasploit, Burp Suite, etc.) is expected.
o Designing and implementing asset management solutions, including performing asset discovery and profiling. Hands-on working experience with relevant enterprise technology (e.g., Tanium, ServiceNow, HP UCMDB, etc.) is expected.
o Designing and implementing threat and vulnerability management solutions. Hands-on working experience with relevant enterprise technology (e.g., Qualys, Rapid7, Brinqa, Kenna, ServiceNow, Securonix, etc.) is expected.
o Assessing, designing and implementing application security programs, including facilitating a secure SDLC and performing code analysis. Hands-on working experience with enterprise tools (e.g., HP Fortify, Veracode, etc.) is expected.
o Assessing, designing and implementing end-point security solutions and platforms. Hands-on working experience with relevant enterprise technology (e.g., McAfee, Symantec, Carbon Black, etc.) is expected.
o Assessing, designing and implementing security logging and monitoring solutions and platforms. Hands-on working experience with relevant SIEM technology (e.g., QRadar, ArcSight, LogRhythm, Splunk, etc.) is expected.
o Designing and implementing security operations center process development, operationalization and optimization strategies.
o Assessing insider threats and designing and implementing insider threat management programs.
· Experience with the secure configuration of various infrastructure platforms and devices such as Microsoft Windows, Unix / Linux, and common network devices (routers, switches, firewalls).
· Working knowledge of cybersecurity industry best practices and guidance, including NIST Cybersecurity Framework and SP 800 series, OWASP, CIS Critical Security Controls, ISO 27001/2.
· Understanding of TCP/IP protocol suite.
· Experience in project management and the ability to clearly communicate security technology issues verbally on both a formal and informal basis to all levels of client staff.
· One or more of the following industry certifications will be required to be obtained during employment with GT: CISSP, SANS GIAC, OSCP, or CISM.
· Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships.
· Ability to work additional hours as needed and travel on a regular basis to clients as required. Travel for this position can go as high as 60%.
Grant Thornton LLP promotes a nationally recognized culture of health and offers an extensive array of benefits to meet individual lifestyles. For a complete list of benefits please visit http://www.gt.com/.
Founded in Chicago in 1924, Grant Thornton LLP (Grant Thornton) is the U.S. member firm of Grant Thornton International Ltd, one of the world’s leading organizations of independent audit, tax and advisory firms. Grant Thornton has revenues in excess of $1.3 billion and operates 57 offices across the U.S., with more than 500 partners and 6,000 employees.
Grant Thornton works with a broad range of publicly and privately held companies, government agencies, financial institutions, and civic and religious organizations. Core industries served include consumer and industrial products, financial services, not-for-profit, private equity, and technology. Grant Thornton focuses on serving dynamic organizations that pursue growth holistically, whether through revenue improvement, leadership, mission fulfillment or innovation.
It is Grant Thornton’s policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits and termination, are made without regard to race, creed, color, religion, national origin, sex, age, marital status, sexual orientation, gender identity, citizenship status, veteran status, disability or any other characteristic protected by applicable federal, state or local law.
Requisition ID: 036751
Los Angeles, CA