Cyber Security Senior Associate

RSM US LLP•McLean, VA

About The Position

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM. We are currently looking for team members to join our Cyber Risk and Data Protection practice. The candidate will work with teams of cybersecurity and privacy staff in a wide variety of systems environments. Our Cyber Risk and Data Protection team serves the cybersecurity and data protection related needs of our clients. This team helps organizations identify their cyber risk, and design and implement program to address those risks and improve their cyber security posture. We serve a diverse base of clients in a variety of industries, and understanding how technology impacts the operation and growth of organizations is what we do best.

Requirements

3-6 years of experience: Building, leading and developing high performing teams
Mentoring and influencing others both internally and within client organizations
Managing client work and drive client communications with limited oversight from RSM Senior Leadership
Managing budgets and resource allocation including, but not limited to program and project management
Oversee security projects from inception to completion, ensuring they are delivered on time and within budget
Monitor project progress, identify potential roadblocks, and implement corrective actions to ensure timely delivery
Executing cyber program assessments including risk assessments and control maturity assessments against frameworks such as NIST or CIS
Developing prioritized observations as well as developing and communicating strategic roadmaps to enable an organization’s incremental maturity of their cybersecurity posture
High degree of integrity and confidentiality, as well as ability to adhere to company policies and best practices
Willingness to travel up to 30% to client sites for various engagements
Basic knowledge of common compliance requirements (e.g., NIST, ISO, CIS, GDPR, CCPA, PCI, HIPPA, HITRUST, DFARS, CMMC, etc.)
Passion for cybersecurity and ability to self-direct and teach themselves about new and emerging cybersecurity concepts.
Excellent written and verbal communication skills, with a focus on translating technical requirements for business stakeholders.
Ability to manage and prioritize multiple tasks in a fast-paced environment, particularly in support of cybersecurity project lifecycles.

Nice To Haves

Proficiency in Microsoft suite of tools including Excel, OneNote, etc. is desired
Support of virtual CISO engagements providing support of strategic leadership and on-going operational delivery of cybersecurity programs.
Understanding of secure cloud architecture and design as well as certifications in solutions such as AWS or Azure
Demonstrated ability to perform quantitative and qualitative analysis of security data
Practical hands-on experience with IT infrastructure components such as servers, firewalls, IDS systems and other network infrastructure components
Practical hands-on experience with security tools, such as vulnerability scanning solutions, SIEM, EDR, GRC, SOAR, etc.
Practical hands-on experience with digital identity tools such as Okta, SailPoint, Saviynt, or Microsoft
Experience using data visualization tools (e.g., Power BI, Tableau) to create meaningful security metrics
One or more security focused certifications: Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®), etc.
One or more project management certifications: Certified Associate in Project Management (CAPM) or Project Management Professional (PMP)

Responsibilities

Lead/develop team members as the field leader for client engagements
Lead or support completion of assessments that identify risks within an organization’s cyber security programs
Work with a variety of cyber security and privacy frameworks such as ISO, NIST, CIS
Measure and report clients' compliance with established industry or National/International government requirements such as PCI DSS, CMMC, FEDRAMP, GDPR, CCPA, etc.
Lead or support the development of security programs for our clients
Support the development of strategy and implementation of tools such as eGRC, used to help manage security programs across a variety of organizations
Evaluate, recommend, and implement security program management tools and platforms to drive efficient program execution and automation
Design and analyze comprehensive cyber security metrics that provide actionable insights for executive decision-making
Conduct trend analysis across security data to identify patterns, correlations, and emerging risks
Synthesize findings from multiple assessments and data sources to identify root causes and systemic issues
Develop data-driven recommendations that address both tactical needs and strategic objectives
Support networking and business development activities

Benefits

At RSM, we offer a competitive benefits and compensation package for all our people.
We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients.
Learn more about our total rewards at https://rsmus.com/careers/working-at-rsm/benefits.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume