Cybersecurity, Technology Risk, and Privacy, Manager

Company: Cohn Reznick
Location: Chelsea, New York, United States
Type: Full-time
Posted: 12.AUG.2021


Responsibilities: Assess technology, cybersecurity, and privacy risks within client environments and the related controls and provide practi...


Responsibilities: Assess technology, cybersecurity, and privacy risks within client environments and the related controls and provide practical remediation plans Conclude on the business impact to the organization as it relates to identified cybersecurity, technology, and/or privacy risks Manage multiple engagements while maintaining company quality standards Work with clients in a broad array of industries including information technology, financial services, retail & consumer products, pharmaceuticals, electronics, manufacturing, media, and government contracting etc. Understand clients' organizations and provide value-added solutions and best practices Proactively manage client issues and expectations. Understand and appreciate the firm's model of balancing client needs with profitability Review and evaluate client IT environment including IT systems, processes, and controls to ensure compliance with prevailing regulatory laws and requirements Work with clients to test for compliance with various prevailing regulatory laws, requirements, and standards including but not limited to Sarbanes-Oxley Act of 2002, NYDFS, GDPR, CCPA, PCI DSS, ISO 27001, HIPAA, CMMC, etc. Ensure engagement reporting observations and recommendations are based on a complete understanding of the process, circumstances, and risk Prepare formal written reports providing recommendations for management to strengthen and improve operations in addition to identifying cost or efficiency savings Identify areas for risk transformation and automation to assist clients with reducing the cost of compliance Act as a professional mentor and coach to junior team members, participating in the performance management cycle Participate in business development activities such as professional networking, proposal development, etc. Other related duties assigned as needed Requirements: A minimum of seven years of experience with the following: Working knowledge of Cloud Security Framework, General Data Protection Requirement (GDPR), COBIT 5, PCI DSS, ISO 27001/2, HIPAA, California Consumer Protection Act (CCPA), NIST 800-171/800-53/NIST 800-37 required Background and understanding of the risks and controls in technologies such as web, cloud, client/server, open systems architecture, data warehousing, and imaging Proficient understanding of Cloud security, Identity and Access Management, ERP, Operating Systems, Databases, and Network Infrastructure components Knowledge of risks and controls in emerging technologies based on Blockchain, Internet of Things (IoT), and Artificial Intelligence is a plus Experience managing simple and complex information technology internal audits Experience managing team of various sizes across geographical boundaries Exceptional oral and written communication skills Demonstrated ability to manage client engagements and supervise staff Bachelor's Degree required, Master's Degree preferred CISA, CISSP, CCSK, CIPP, or CRISC required Ability to travel up to 50% (domestic and international)

Apply Now


Free eBook

Loader2 Processing ...