Cyber Security - Associate

Riveron

About The Position

In today’s dynamic environment, business leaders face constantly shifting risks. Riveron helps organizations implement leading governance, risk and compliance practices by combining deep expertise with pragmatic partnership, using a hands-on approach to understand the specific needs of the organization and create tailored solutions to address key compliance risks. Our Cyber Security & Data Privacy (CSDP) services include building GRC/Cybersecurity programs from the ground up, framework readiness, design and maintenance of critical security domains, managed internal controls testing and monitoring, co-sourced/outsourced internal audit, segregation of duties and access risk review, policy and procedure development, enterprise risk management, and IT and cybersecurity risk assessment. The Associate level position for Riveron’s CSDP group will work collaboratively with senior team members who provide guidance, coaching, and direction. The role includes supporting the implementation of GRC/Cybersecurity programs, assessing the design and operating effectiveness of IT General Controls (ITGC), developing and executing remediation roadmaps, incident response, completing vendor reviews and performing IT risk assessments.

Requirements

Bachelor's and/or Master’s degree in Information Technology (IT), Computer Information Systems (CIS), Management Information Systems (MIS), or a related field
Relevant certification preferred, such as CompTIA Security+, CISA, AWS Cloud Practitioner
Minimum 1 year of experience in an IT Audit, Cybersecurity Analyst or IT Risk Advisory role
Demonstrated knowledge of compliance frameworks such as SOC 2, ISO 27001, HIPAA, PCI-DSS, NIST, FedRAMP, CMMC
Familiarity with GRC solutions, tools, and technologies

Responsibilities

Support Senior Associates and Managers in implementing cybersecurity programs aligned with SOC 2, ISO 27001, and other security and privacy frameworks
Conduct compliance readiness assessments and assist with external audits
Maintain day-to-day compliance, security, and privacy operations, including incident response tabletop exercises and formalizing response and notification procedures
Assist clients with key security and compliance initiatives, including risk assessments, business continuity planning, cloud configurations, user access reviews, and asset inventories
Implement and manage GRC platforms (e.g., Drata GRC platform, Vanta compliance automation platform, Tugboat Logic platform)
Perform vendor risk reviews, including analyzing SOC 2 reports and managing security questionnaires
Develop and maintain security policies and standard operating procedures (SOPs) across key domains
Coordinate project activities, set priorities, and track progress against timelines, budgets, and deliverables
Communicate regularly with clients to manage expectations and provide project status updates
Deliver clear written and verbal presentations, including recommendations for operational and financial improvements to executive stakeholders
Stay current on emerging risks and evolving control practices
Build and maintain strong industry relationships to support long-term business development

Benefits

Full time roles are eligible for a full range of benefits including medical, dental, and vision insurance, 401(k) with company match, and PTO.
A complete description of all available benefits can be found at Riveron's Benefits page at https://riveron.com/riveron-life.
Contract roles are not eligible for benefits.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume