The role
Grant Thornton, Ireland’s fastest growing professional services firm, currently have an exciting vacancy for Cybersecurity Risk Managers. The roles and responsibilities may include:
- Manage and deliver cybersecurity assessments and related projects from planning, initiation, execution up to reporting.
- Manage resources ensuring projects are delivered within agreed budget and timeline, and with value-adding quality.
- Detailed documentation of issues, risks, and controls.
- Articulate and present findings to Senior Management and formulate recommendations to improve the client’s cybersecurity posture.
- Prepare high-quality assessment reports, cybersecurity policies, standards and guidelines, and other client deliverables, as required.
- Managing the expectations of key client points of contact to ensure a successful client experience and outcome.
- Provide advice and expertise to IT and Security Leadership (CISO/CIO), Board and Senior Management on cybersecurity related matters.
- Coach and support junior team members and promote a positive working environment by providing timely and regular constructive feedback.
- Assist in the team’s business development process, including identifying client needs and opportunities, and working on proposals for new business.
- Demonstrate flexibility as these roles are varied, and offer the ability to work across functional and technical areas where required.
- Contribute to team knowledge and development of new service offerings.
- Be innovative and identify smart ways of working, without compromising quality.
- Collaborate with our Forensics, Privacy and other teams with Advisory, where necessary.
Required experience:
- Candidates who have 5 or more years’ experience working in Cybersecurity or related disciplines/roles such as IT/Technology Consulting, IT Internal and External Audit, IT Risk Management, IT/Operational Risk or IT Regulatory/Supervisory (i.e. inspections).
- Candidates are required to have the fundamental ability to manage a team of one or more junior staff in delivering a focused engagement in a time-bound manner, producing high quality deliverables for the client, including presentation of findings and recommendations to the client’s Senior Management team.
- Candidates should have energy, enthusiasm and strong communication skills, the ability to critically analyse data/evidence/trends/risks/system configuration, the ability to effectively manage a team in order to achieve the engagement objectives, the ability to provide feedback to and coach junior staff as well as a willingness to work in a fast-paced environment.
- Candidates should have a strong appreciation of technology and have strong experience in auditing and designing controls for IT applications, operating systems and databases, networks (i.e. Active Directory, Office365), as well as having a strong understanding of the sufficiency and appropriateness of evidence from a client.
- Candidates should have a strong client focus, be customer-centric and have an interest in providing cybersecurity advisory services to clients.
- Candidates must be knowledgeable in, or have working experience of, assessing or implementing cybersecurity controls based on NIST CSF and/or ISO 27001.
- Experience in designing security controls and/or deploying cloud solutions (AWS, Azure, Office365, etc.).
- Ideal candidates should have certifications in one or more of the following qualifications: ISACA certifications (CISA, CRISC, CISM, CGEIT, COBIT), ITIL v3 Foundation, CISSP, CCSP, CIA, PRINCE2, ISO 27001 Lead Auditor/Implementer.
Desired experience:
- Candidates should have 5 or more years’ experience working in a professional services firm in the area of IT Risk Assurance or IT Risk Advisory, managing teams to deliver the above types of engagements to clients.
- CISSP, CISM, and CCSP preferred.