Cybersecurity, Technology Risk and Privacy Manager

at CohnReznick LLP
Location Tysons, VA
Date Posted November 5, 2020
Category Default
Job Type Full-time

Description

Our Advisory Practice has an opportunity available for a Manager level in our Cybersecurity, Technology Risk, and Privacy Practice.

If you are:

  • A highly dedicated professional with impressive credentials and driven by new challenges and growth opportunities
  • A team player who believes in providing world-class client service and interested in becoming immersed in various industries
  • Looking for a work environment that values and promotes camaraderie, collaboration and giving back to the community

We offer:

  • Endless opportunities to contribute to the 11th largest professional services firm in the US
  • A unique culture that values collaboration in everything we do
  • A team of professionals driven by a sense of excellence, integrity, commitment to lifelong learning, respect for one another, adaptability, and making a difference
  • A network of 2,700 professionals committed to a diverse and inclusive workplace and giving back to the communities in which we live and work
  • Varied career paths supported by strong professional development programs and resources
  • A flexible work environment with competitive benefits

 

Look ahead. Imagine more. And consider joining the CohnReznick team.

Responsibilities:

  • Assess technology, cybersecurity, and privacy risks within client environments and the related controls and provide practical remediation plans
  • Conclude on the business impact to the organization as it relates to identified cybersecurity, technology, and/or privacy risks
  • Manage multiple engagements while maintaining company quality standards
  • Work with clients in a broad array of industries including information technology, financial services, retail & consumer products, pharmaceuticals, electronics, manufacturing, media, and government contracting etc.
  • Understand clients’ organizations and provide value-added solutions and best practices
  • Proactively manage client issues and expectations. Understand and appreciate the firm’s model of balancing client needs with profitability
  • Review and evaluate client IT environment including IT systems, processes, and controls to ensure compliance with prevailing regulatory laws and requirements
  • Work with clients to test for compliance with various prevailing regulatory laws, requirements, and standards including but not limited to Sarbanes-Oxley Act of 2002, NYDFS, , GDPR, CCPA, PCI DSS, ISO 27001, HIPAA, CMMC, etc.
  • Ensure engagement reporting observations and recommendations are based on a complete understanding of the process, circumstances, and risk
  • Prepare formal written reports providing recommendations for management to strengthen and improve operations in addition to identifying cost or efficiency savings
  • Identify areas for risk transformation and automation to assist clients with reducing the cost of compliance
  • Act as a professional mentor and coach to junior team members, participating in the performance management cycle
  • Participate in business development activities such as professional networking, proposal development, etc.
  • Other related duties assigned as needed

Requirements:

  • A minimum of seven years of experience with the following:
  • Working knowledge of Cloud Security Framework, General Data Protection Requirement (GDPR), COBIT 5, PCI DSS, ISO 27001/2, HIPAA, California Consumer Protection Act (CCPA), NIST 800-171/800-53/NIST 800-37 required
  • Background and understanding of the risks and controls in technologies such as web, cloud, client/server, open systems architecture, data warehousing, and imaging
  • Proficient understanding of Cloud security, Identity and Access Management, ERP, Operating Systems, Databases, and Network Infrastructure components
  • Knowledge of risks and controls in emerging technologies based on Blockchain, Internet of Things (IoT), and Artificial Intelligence is a plus
  • Experience managing simple and complex information technology internal audits
  • Experience managing team of various sizes across geographical boundaries
  • Exceptional oral and written communication skills
  • Demonstrated ability to manage client engagements and supervise staff
  • Bachelor’s Degree required, Master’s Degree preferred
  • CISA, CISSP, CCSK, CIPP, or CRISC required
  • Ability to travel up to 50% (domestic and international)

    #KN1

    #GD

    #CB