The role
 

Grant Thornton, Ireland’s fastest growing professional services firm, currently have an exciting vacancy for Cybersecurity Risk Managers. The roles and responsibilities may include:
 

• Manage and deliver cybersecurity assessments and related projects from planning, initiation, execution up to reporting.
• Manage resources ensuring projects are delivered within agreed budget and timeline, and with value-adding quality.
• Detailed documentation of issues, risks, and controls.
• Articulate and present findings to Senior Management and formulate recommendation to improve client’s cybersecurity posture.
• Prepare high-quality assessment reports, cybersecurity policies, standards and guidelines, and other client deliverables, as required.
• Managing the expectations of key client points of contact to ensure a successful client experience and outcome.
• Provide advice and expertise to IT and Security Leadership (CISO/CIO), Board and Senior Management on cybersecurity related matters.
• Coach and support junior team members and promote a positive working environment by providing constructive feedback timely and regularly.
• Assist in the team’s business development process, including identifying client needs and opportunities, and working on proposals for new business.
• Demonstrate flexibility as these roles are varied, and offer the ability to work across functional and technical areas where required.
• Contribute to team knowledge and development of new service offerings.
• Be innovative and identify smart ways of working, without compromising quality.
• Collaborate with our Forensics, Privacy and other teams with Advisory, where necessary.

Required experience:

• Candidates who have 5 or more years’ experience working in Cybersecurity or related disciplines/roles such as IT/Technology Consulting, IT Internal and External Audit, IT Risk Management, IT/Operational Risk or IT Regulatory/Supervisory (i.e. inspections).
• Candidates are required to have the fundamental ability to manage a team of one or more junior staff in delivering a focused engagement in a time-bound manner producing high quality deliverables for the client, including presentation of findings and recommendations to client’s Senior Management team.
• Candidates should have energy, enthusiasm and strong communication skills, the ability to critically analyse data/evidence/trends/risks/system configuration, the ability to effectively manage a team in order to achieve the engagement objectives, the ability to provide feedback to and coach junior staff as well as a willingness to work in a fast-paced environment.
• Candidates should have a strong appreciation of technology and have strong experience in auditing and designing controls for IT applications, operating systems and databases, networks (i.e. Active Directory, Office365), as well as having a strong understanding of the sufficiency and appropriateness of evidence from a client.
• Candidates should have a strong client focus, be customer-centric and have an interest in providing cybersecurity advisory services to clients.
• Candidates must be knowledgeable or has working experience assessing or implementing cybersecurity controls based on NIST CSF and/or ISO 27001.
• Experience in designing security controls and/or deploying cloud solutions (AWS, Azure, Office365, etc.).
• Ideal candidates should have certifications in one or more of the following qualifications: ISACA certifications (CISA, CRISC, CISM, CGEIT, COBIT), ITIL v3 Foundation, CISSP, CCSP, CIA, PRINCE2, ISO 27001 Lead Auditor/Implementer.

Desired experience:

• Candidates should have a minimum of 5 or more years working in a professional services firm in the area of IT Risk Assurance or IT Risk Advisory managing teams to deliver the above types of engagements to clients.
• CISSP, CISM, and CCSP preferred.