IT Risk Cyber Internal Audit Experienced Associate

Grant Thornton•New York, NY

About The Position

As a member of Grant Thornton’s Cybersecurity Internal Audit (IA Cybersecurity) team, you will have the opportunity to collaborate with our clients and deliver consulting and advisory services across a broad spectrum of areas related to cyber risk. You will support clients in evaluating and enhancing their Cybersecurity risk posture through internal audits, control testing, and maturity assessments. You’ll work closely with cross-functional teams to assess risks, test controls, and provide actionable insights aligned with industry standards and regulatory frameworks. As an IA Cybersecurity Risk Associate, you will get the opportunity to contribute to our clients' business needs and grow within our practice by applying a collection of Cybersecurity capabilities, including governance, risk assessments, control testing, and technology operations for the Cybersecurity practice, all with the resources, environment, and support to help you excel. From day one, you’ll be empowered by the greater Risk Advisory team to help clients make the moves that will help them achieve their vision and help you grow your Cybersecurity knowledge.

Requirements

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field is required.
2+ years of experience in Cybersecurity, internal audit, or IT risk.
Familiarity with Cybersecurity frameworks and standards including (but not limited to):
NIST CSF, NIST 800-53, NIST 800-171
CSA CCM
ISO/IEC 27001, ISO/IEC 27002
HIPAA, FedRAMP, GLBA, CCM
COBIT, HITRUST, PCI DSS
Foundational understanding of IT, Cybersecurity, cloud security, data protection, vulnerability management, and incident response.
Strong understanding of the cloud shared responsibility model and how that may impact clients’
Ability to communicate clearly and effectively (oral and written) with all internal and external stakeholders.
Exceptional client service, communication, analytical, and organizational skills.
Strong project management skills and the ability to execute multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment.
Ability to travel to client locations (as needed).

Responsibilities

Assist in planning and executing Cybersecurity internal audits, risk assessments, and control testing engagements.
Assist with performing Cybersecurity control testing and Cybersecurity program capability assessments.
Conduct Cybersecurity maturity assessments using frameworks such as NIST CSF, CSA CCM, ISO/IEC 27001, COBIT, and HITRUST.
Support assessments for regulatory compliance including HIPAA, FedRAMP, GLBA, and state-led data breach notification laws.
Document audit findings, develop risk-based recommendations, and contribute to client deliverables.
Assist organizations with identifying recommendations and developing roadmaps to mitigate cyber risks and enhance overall Cybersecurity posture.
Collaborate with senior team members to identify emerging risks and recommend mitigation strategies.
Participate in walkthroughs, and workshops with client stakeholders to understand information security/ cybersecurity processes and technology environments.
Stay current on Cybersecurity trends, threat landscapes, and regulatory developments. This includes technical familiarity with common Cybersecurity tools, cloud environment/architecture, and threat vectors.
Assist with executing remediation plans resulting from assessment activities.
Support client engagements from start to finish, which includes planning, fieldwork, and reporting.
Participate in professional development activities and training sessions on regular basis.
Adhere to the highest degree of professional standards and strict client confidentiality.
Other job duties as assigned.

Benefits

Whether it’s your work location, weekly schedule or unlimited flex time off, we empower you with the options to work in the way that best serves your clients and your life.
Here, you are supported to prioritize your overall well-being through work-life integration options that work best for you and those in your household.
We understand that your needs, responsibilities and experiences are different — and we think that’s a good thing. That’s why we support you with personalized and comprehensive benefits that recognize and empower all the identities, roles and aspirations that make you, well, you. See how at www.gt.com/careers
For an overview of our benefit offerings, please visit: https://www.grantthornton.com/careers/rewards-and-benefits
Grant Thornton interns are eligible to participate in the firm’s medical, dental and vision insurance programs and the firm’s employee assistance program. Interns also receive a minimum of 72 hours of paid sick leave, and are paid for firm holidays that fall within their internship period.
Grant Thornton seasonal employees are eligible to participate in the firm’s medical, dental and vision insurance programs and the firm’s employee assistance program. Seasonal employees may also be eligible to participate in the firm’s 401(k) savings plan and employee retirement plan in accordance with applicable plan terms and eligibility requirements. Seasonal employees receive a minimum of 72 hours of paid sick leave.
Grant Thornton employees may be eligible for a discretionary, annual bonus based on individual and firm performance, subject to the terms, conditions and eligibility criteria of the applicable bonus plan or program. Interns and seasonal employees are not eligible for bonus compensation.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume