IT Security Assessment and CMMC Senior Associate

Grant Thornton 9/14/2020 6:45:50 PM
JOB ID: 047470 Specialty:
Arlington, Virginia




Grant Thornton is seeking a Senior Associate level Cyber Security Practitioner with 3+ years of information security experience to be a key part of the rapidly growing cyber service within Grant Thornton's Public Sector Practice.

Grant Thornton Public Sector helps executives and managers at all levels of government maximize their performance and efficiency in the face of ever tightening budgets and increased demand for services. We give clients creative, cost-effective solutions that enhance their acquisition, financial, human capital, information technology, data analytics, and performance management. For more information, visit

At Grant Thornton, our professional staff applies traditional, cutting-edge approaches and methods to a variety of analyses. As part of our team, the Senior Associate will utilize various methodologies and models to execute client projects.

Performing cyber security assessments to detect and identify weaknesses in the security posture of an organization's information technology environment (platforms, applications, infrastructure, etc.);
Developing recommendations and action plans to reduce, mitigate, and/or remediate the impact of identified vulnerabilities;
Conducting vulnerability scans, evaluating results, and delivering comprehensive reports to communicate findings and impact to both technical and non-technical audiences;
Executing targeted attacks to simulate the methods and activities of a malicious attacker from both internal and external entry points
Meet or exceed targeted billing hours (utilization).
Assist with business development activities, such as proposals, capture, account teams, whitepapers, conferences, and/or other thought leadership materials.


Working knowledge of NIST 800-171 and is familiar with the emerging DoD Cybersecurity Maturity Model Certification (CMMC)
Experience in Security Accreditation and Authorization processes (SA&A) where IT security controls are evaluated for design and operating effectiveness
Working knowledge of information security control frameworks including NIST Special Publications, ISO, FISMA, COBIT, etc.
Other desired technical skillsets (but not required) include a combination of the following: Network scanning, Mobile device security management, Independent Verification & Validation (IV&V), understanding Privacy Impact Analyses, Cybersecurity strategy and governance assessments, Cybersecurity risk assessments, Cyber best practices and benchmarking, Vulnerability management, Disaster recovery and contingency planning, Compliance testing with regulatory requirements and industry frameworks, Security Test & Evaluation (ST&E)

Bachelor’s Degree required from an accredited college or university in a related field.
Ability to obtain and maintain certain job-related certifications if no job-related advanced degrees.
U.S. citizenship may be required. Ability to work in the United States indefinitely required.
Travel may be required.
Ability to work overtime required on occasion.
Ability to sit in an office environment for long periods of time.
Ability to obtain and maintain a security clearance.
Ability to communicate clearly in writing and verbally.
Ability to obtain and maintain firm independence and abide by firm ethics requirements.
Meet or exceed continuing professional education (CPE) requirements.

Grant Thornton Public Sector LLC (“Grant Thornton Public Sector”), based in Arlington, VA, is a global management consulting business with the mission of providing responsive and innovative financial, performance management and systems solutions to governments and international organizations. Visit Grant Thornton’s Public Sector at

It is Grant Thornton’s policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits and termination, are made without regard to race, creed, color, religion, national origin, sex, age, marital status, sexual orientation, gender identity, citizenship status, veteran status, disability, or any other characteristic protected by applicable federal, state, or local law.

Requisition ID: 047470

Arlington, VA
Arlington, Virginia