Cybersecurity Manager

Dixon Hughes Goodman Atlanta , GA 30301

Posted 7 days ago

Overview

DHG ranks among the top 20 public accounting firms in the nation. With more than 2,000 professionals in 30+ offices located in 13 states, we combine extensive tax, assurance and advisory experience with a focus on relationships and personal service to help our clients achieve their goals. People, careers and flexibility are at the heart of DHG's culture making it a great place to build a valuable career.

Responsibilities

The Cybersecurity Manager supervises multiple client engagement teams performing assessments, audits, and advisory consulting associated with cybersecurity governance, risk, and compliance. The DHG Cybersecurity Team's engagements vary considerably in size and complexity and require a combination of understanding of various technologies, cybersecurity compliance frameworks, and extensive client interaction. All of our IT Advisory services are designed for the dual purpose of strengthening internal controls and meeting compliance requirements.

IT advisory services focus on helping clients protect the security and integrity of their information by assessing the people, processes, and technology in place. Types of engagements for this role are likely to include PCI compliance assessments, cybersecurity risk and technical assessments, cyber policy procedure reviews, and Service and Organization Controls (SOC) 1, 2, 3, and SOC for Cyber reporting.

  • Execute assessments within the domains of: Security Policy, Security Governance, Access and Authentication Management, Threat and Vulnerability Management, Security Infrastructure and Architecture, Application Security Architecture, and Incident Response Management.

  • Oversee the performance of cybersecurity staff, leading assessment testing procedures, and reviewing team members' work product.

  • Analyze documentation, process information, technical configurations, or other client provided information and document the results of conversations and analysis.

  • Stay abreast of current and emerging security risks across multiple industries, including healthcare, financial, retail, insurance, and public sector.

  • Research new technologies, understand existing processes, and reference recognized standards and frameworks.

  • Clearly articulate the status and results of work performed, both orally and in written form, to internal management and DHG clients Interface with our project clients to identify and understand potential risk areas.

  • Contribute to the definition of final project scope, approach, and deliverables.

  • Develop other staff in assessment methodology, the understanding IT process and controls, and direct some staff activities.

  • Operate effectively and with minimal supervision, within a team or independently, performing special projects and related duties, as assigned.

  • Pursue continuous professional development through internal/external training, certifications and/or continuing education.

  • Identify opportunities for continuous improvement and enhancement to work programs and processes.

#LI-BN

Qualifications

  • Minimum of 5 years of experience in the cybersecurity industry required, with 2-3 years of experience in cybersecurity governance, risk, and/or compliance audit and assessment preferred.

  • Bachelor's Degree in Cybersecurity, Computer Science, MIS, Information Security, or a related discipline required.

  • Strong IT Security knowledge required. Specifically, knowledge in one or more of the following areas: application security, network security, IT infrastructure, Windows and/or Linux system administration, database security.

  • Working experience and/or knowledge of web and mobile technology preferred

  • Experience with common security risk frameworks, including NIST 800-53 controls, the NIST Cybersecurity Framework, HIPAA, PCI, and CIS Critical Security Controls required.

  • Strong conceptual thinking aptitude required.

  • Strong interpersonal skills, including: written and verbal communications, willingness to assist in areas outside of direct assignments when necessary, and commitment to self-improvement and completion of team objectives required.

  • Professional certification (e.g., CISSP, CISM, CISA, SANS, etc.) is a plus. Willingness to work toward achieving professional cyber credentials is required.

  • Previous experience as a PCI Qualified Security Assessor and/or HITRUST Certified Assessor is a plus, but not required.

  • Previous consulting, internal audit, or compliance experience is a plus.

  • Ability to travel up to 60% annually, primarily in the southeastern United States, preferred. Typical travel in this role is 50 to 75% annually.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cybersecurity Consultant

Mercer LLC

Posted 3 days ago

VIEW JOBS 3/18/2019 12:00:00 AM 2019-06-16T00:00 Company:Marsh Description: Cyber risk was considered an emerging risk a decade ago, but today it has grown into a liability that costs business nearly $450 billion a year. The increasing frequency, sophistication, and ever-changing nature of cyber intrusions and data breaches continually challenge organizations' cyber mitigation and risk management teams. Marsh Risk Consulting's (MRC) Cybersecurity Consulting and Advisory Services address the essential elements of cybersecurity, from strategy, governance, and enterprise risk management to controls architecture, implementation, and management. Tailored to your specific business environment and requirements, our services, our issue and industry expertise, and our actionable insights help you make informed cybersecurity risk management decisions and improve your resilience in the face of ever-growing cyber threats. We are seeking a Consultant to join our Cybersecurity practice who will be directly responsible for independently developing and maintaining the client relationship by providing comprehensive consulting services that include, but are not limited to: * Enterprise-wide Cybersecurity Program Review and Roadmapping * Standards-based, client-specific assessment that helps drive strategy, risk management, investment, and risk-transfer decisions. * Based on a proprietary synthesis of multiple standards for testing and validating security outcomes within the National Institute of Standards and Technology (NIST) Cybersecurity Framework. * Cybersecurity Risk Quantification * Leverages strategic and financial company information to model your cyber operating environment and generate a dashboard view of the "Cyber Value-at-Risk" – the probability of breach, average and severe breach costs, and the top cybersecurity weaknesses. * Security Technical Controls Review * Methodical review of your cybersecurity technical controls environment. * Applies technical tools to evaluate the operational effectiveness of security controls. * Third-Party Cybersecurity Risk Management Review * Identifies third-party relationships, including suppliers, service providers, business partners, contractors, vendors, etc., and assesses the likelihood that they would experience a cyber event. * Scenario-Based Cyber Exercises * Executive-level, facilitated tabletop exercises, typically focused on the enterprise response to a series of hypothetical cyber incidents that are realistic for your business. Requirements include: * Bachelor's degree or equivalent * Minimum 3-6 years of relevant experience in Cybersecurity consulting * Experience as a trusted cyber security advisor to senior clients * Successful track record of business development and management including competitive proposal development * Understanding of risk and methodologies for the quantification of loss event magnitude Marsh is a global leader in insurance broking and risk management. In more than 130 countries, our experts in every facet of risk and across industries help clients to anticipate, quantify, and more fully understand the range of risks they face. We work with clients of all sizes to define, design, and deliver innovative solutions to better quantify and manage risk. We offer risk management, risk consulting, insurance broking, alternative risk financing, and insurance program management services to businesses, government entities, organizations, and individuals around the world. To every client interaction we bring an unmatched combination of deep intellectual capital, industry-specific expertise, global experience, and collaboration. Since 1871, clients have relied on Marsh for trusted advice, to represent their interests in the marketplace, make sense of an increasingly complex world, and help turn risks into new opportunities for growth. Our more than 30,000 colleagues work on behalf of our clients, who are enterprises of all sizes in every industry, and include individuals, multinational organizations, and government entities worldwide. We embrace a culture that celebrates and promotes the many backgrounds, heritages and perspectives of our colleagues and clients. Visit www.marsh.com for more information and follow us on LinkedIn and Twitter @MarshGlobal Marsh and its separately incorporated operating entities around the world are part of Marsh & McLennan Companies, a publicly held company (ticker symbol: MMC). Marsh & McLennan Companies offers competitive salaries and comprehensive benefits and programs including: health and welfare, tuition assistance, 401K, employee assistance program, domestic partnership benefits, career mobility, employee network groups, volunteer opportunities, and other programs. For more information about our company, please visit us at: http://www.mmc.com/. We embrace a culture that celebrates and promotes the many backgrounds, heritages and perspectives of our colleagues and clients. For more information, please visit us at: www.mmc.com/diversity. Marsh & McLennan Companies and its Affiliates are EOE Minority/Female/Disability/Vet/Sexual Orientation/Gender Identity employers. Marsh & McLennan Companies and its Affiliates are EOE Minority/Female/Disability/Vet/Sexual Orientation/Gender Identity employers. Mercer LLC Atlanta GA

Cybersecurity Manager

Dixon Hughes Goodman