Cybersecurity, Technology Risk, and Privacy - Manager
Our Advisory Practice has an opportunity available for a Manager level in our Cybersecurity, Technology Risk, and Privacy Practice.
If you are:
- A highly dedicated professional with impressive credentials and driven by new challenges and growth opportunities
- A team player who believes in providing world-class client service and interested in becoming immersed in various industries
- Looking for a work environment that values and promotes camaraderie, collaboration and giving back to the community
Look ahead. Imagine more. And consider joining the CohnReznick team.Responsibilities:
- A unique culture that values collaboration in everything we do
- A team of professionals driven by a sense of excellence, integrity, commitment to lifelong learning, respect for one another, adaptability, and making a difference
- A network of 2,700 professionals committed to a diverse and inclusive workplace and giving back to the communities in which we live and work
- Varied career paths supported by strong professional development programs and resources
- A flexible work environment with competitive benefits
- Assess technology, cybersecurity, and privacy risks within client environments and the related controls and provide practical remediation plans
- Conclude on the business impact to the organization as it relates to identified cybersecurity, technology, and/or privacy risks
- Manage multiple engagements while maintaining company quality standards
- Work with clients in a broad array of industries including information technology, financial services, retail & consumer products, pharmaceuticals, electronics, manufacturing, media, and government contracting etc.
- Understand clients' organizations and provide value-added solutions and best practices
- Proactively manage client issues and expectations. Understand and appreciate the firm's model of balancing client needs with profitability
- Review and evaluate client IT environment including IT systems, processes, and controls to ensure compliance with prevailing regulatory laws and requirements
- Work with clients to test for compliance with various prevailing regulatory laws, requirements, and standards including but not limited to Sarbanes-Oxley Act of 2002, NYDFS, GDPR, CCPA, PCI DSS, ISO 27001, HIPAA, CMMC, etc.
- Ensure engagement reporting observations and recommendations are based on a complete understanding of the process, circumstances, and risk
- Prepare formal written reports providing recommendations for management to strengthen and improve operations in addition to identifying cost or efficiency savings
- Identify areas for risk transformation and automation to assist clients with reducing the cost of compliance
- Act as a professional mentor and coach to junior team members, participating in the performance management cycle
- Participate in business development activities such as professional networking, proposal development, etc.
- Performing internal audits
- Other related duties assigned as needed
- A minimum of seven years of experience with the following:
- Working knowledge of Cloud Security Framework, General Data Protection Requirement (GDPR), COBIT 5, PCI DSS, ISO 27001/2, HIPAA, California Consumer Protection Act (CCPA), NIST 800-171/800-53/NIST 800-37 required
- Background and understanding of the risks and controls in technologies such as web, cloud, client/server, open systems architecture, data warehousing, and imaging
- Proficient understanding of Cloud security, Identity and Access Management, ERP, Operating Systems, Databases, and Network Infrastructure components
- Knowledge of risks and controls in emerging technologies based on Blockchain, Internet of Things (IoT), and Artificial Intelligence is a plus
- Experience managing simple and complex information technology internal audits
- Experience managing team of various sizes across geographical boundaries
- Exceptional oral and written communication skills
- Demonstrated ability to manage client engagements and supervise staff
- Bachelor's Degree required, Master's Degree preferred
- CISA, CISSP, CCSK, CIPP, or CRISC required
- Ability to travel up to 20% (domestic and international)
This job has expired.