Cyber Security - Strategy and Transformation Manager

Grant Thornton 1/6/2020 8:04:33 AM
JOB ID: 045182 Specialty:
Arlington, Virginia

   

DOWNLOAD PDF

 


Grant Thornton LLP (Grant Thornton) is the U.S member firm of Grant Thornton International Ltd., one of the world’s leading organizations of independent audit, tax and advisory firms. We’ve never been a typical professional services firm. We put people first, and that is what sets us apart.

As one of the fastest-growing professional services firms in the world, Grant Thornton LLP is continuously seeking top talent. Discover a place where you’ll work with a team of professionals, dedicated to providing bold leadership and distinctive client service. Spend each day engaged in meaningful and challenging work. Be supported in your professional growth and recognized for your contributions.

Cyber Strategy and Transformation Manager

Position Summary

As companies become increasingly dependent on information technology (IT) to conduct daily business activities, they need to secure and control their technology infrastructure. Grant Thornton's Cyber Risk Advisory Services practice addresses these security and control issues. We are looking for consultants with extensive consulting, technological and industry experience who will help our clients solve their complex business issues from strategy through execution. A Cyber Risk consulting career will provide the opportunity to grow and contribute to our clients' business issues every day, applying a collection of information and Cyber security capabilities, including security and privacy strategy and governance, IT risk, security testing, technology implementation/operations, and cyber crime and breach response.

Our Cyber Strategy and Transformation services help clients understand the current cyber security risk landscape, make cyber security a collective priority, and develop and implement solutions across people, processes, and technologies. We provide the foundations to design, manage and operate a cyber security program aligned to business strategy, and increase organizational resilience in the face of an ever-changing threat landscape.

Essential Duties and Responsibilities

Adhere to the highest degree of professional standards and strict client confidentiality.
Execute assigned client engagements from start to finish, which includes the engagement planning, directing, and completion of IT security assessments and Information Security architectural design and deployments while managing those engagements to budget.
Apply current knowledge of technology and cyber trends and to identify security and risk management issues and other opportunities for improvement.
Assist clients in planning and executing remediation plans identified in assessment activities.
Work with the client to plan an engagement strategy, define objectives, and address technology- related controls risks and issues.
Proactively interact with key client management to gather information, resolve problems and make recommendations for improvements.
Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment.
Participate in professional development activities and training sessions on regular basis.
Other duties as assigned.

Qualifications

Minimum Year(s) of Experience: 5 years.
Bachelor's degree in Information Technology, Computer Science or a related field is required.
Masters in cybersecurity, Information system or business administration is preferred.
Certification(s) Preferred: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), ISACA, Certified in Risk and Information Systems Control
Complete understanding of Industry Standards/frameworks such as COBIT, NIST, ISO 27001, and PCI-DSS etc. is necessary. Demonstrate proven and extensive abilities solving complex cyber-risk management issues, including the following areas:
Design and development of IT Risk and Cyber security programs using industry frameworks and methodologies;
Designing KRIs and metrics to build risk reports for management
­Implementation and maintenance of enterprise-wide cyber risk governance frameworks;
Assessment of enterprise-wide business risks and cyber threats;
Development of detailed business risk scenarios and cyber threat models;
Design and implementation of cyber risk management controls;
Monitoring and reporting of cyber risks, threats and vulnerabilities;
Development, implementation and periodic testing of cyber resiliency plans;
Use of tools and technology to provide data analytics and business intelligence on cyber threats, risks and vulnerabilities;
Advising clients on complying with regulatory requirements such as FFIEC, GLBA, NY DFS etc. as well as industry frameworks such as NIST CSF, COBIT, COSO and PCI;
Building and operationalizing complex IT risk management and cyber security programs for clients.

Skills Preferred

Take ownership of your work, by performing self-reviews of all work performed.
Produce high quality deliverables on client engagements requiring little re-work. Ensure they are on time and well organized.
Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment.
Ability to deal with ill-defined problems and propose coherent solutions for the client.
Execution of assigned client engagements from start to finish, which includes the engagement planning, directing, and completion while managing those engagements to budget.
Manage the team comprising of seniors and associates and maintain professionalism across team.
Apply current knowledge of IT trends and systems processes to identify security and risk management issues and other opportunities for improvement.
Assist clients in developing and executing risk management activities.
Participate in clients call as Security SME; provide solutions best fitted to the requirement and in line with the Industry best practices.
Ability to work additional hours and travel domestically as needed.

Benefits

Grant Thornton LLP promotes a nationally recognized culture of health and offers an extensive array of benefits to meet individual lifestyles. For a complete list of benefits, please visit www.gt.com.

It is Grant Thornton’s policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits and termination, are made without regard to race, creed, color, religion, national origin, sex, age, marital status, sexual orientation, gender identity, citizenship status, veteran status, disability or any other characteristic protected by applicable federal, state or local law.






Requisition ID: 045182

Arlington, VA
Arlington, Virginia




APPLY TO THIS JOB