GTIL Sr Associate, Global Cybersecurity Operations

at Grant Thornton LLP
Published May 24, 2023
Location Jacksonville, FL
Category Default  
Job Type Full-time  


ICS - Grant Thornton International - Senior Associate, Global Cybersecurity Operations

Grant Thornton International Ltd (GTIL) is the umbrella legal entity for the Grant Thornton global network of member firms. GTIL sets the strategic direction, convenes member firms, connects global communities, and protects the brand and reputation of the network. GTIL and the member firms will continually improve the sustainability of their operations and strive to make a positive impact on clients, people, markets, and the communities in which we operate, in line with the UN's Sustainable Development Goals (SDGs).

About the role

Overall role purpose

In our Go Beyond network strategy 2025 our vision is to become 'the most valued network in the profession'.

The Cybersecurity Operations Engineer plays a crucial role in managing the proactive, operational and reactive cybersecurity posture for GTIL and member firms globally.

Reporting directly to the Global Cybersecurity Operations Manager and with key relationships to IT Operations and the Managed Security Service Provider (MSSP), this role provides operational expertise and orchestration across a wide range of cybersecurity solutions. This includes implementation, operations, maintenance and monitoring of key security services to provide the best insight, protection and value for the organisation.

The successful candidate will develop recommended operational tactics and procedures to enable GTIL, and their member firms, to effectively plan and execute cyber operations missions and cyber security cooperation programs. The candidate will conduct operational and systems engineering analysis of plans, capabilities, architectures, processes, and concepts to inform recommendations for GTIL, as well as member firms.

Main responsibilities

Cybersecurity Operations

+ Liaising with the firm's MSSP to provide oversight of key monitoring services including but not limited to vulnerability management, EDR, secure email gateway and SIEM services.

+ Liaise with the various Business Unit stakeholders, MSSP, and cybersecurity vendors, with regards to provision and maintenance of operational and monitoring tools.

+ Respond to, redirect or escalate GTIL and Member Firm queries, in relation to impacting cybersecurity operations and potential threats, in a manner consistent with an understanding of impact and priority.

+ Oversee the security training and awareness programmes for GTIL.

+ Develop and maintain various levels of documentation of cybersecurity operations including but not limited to executive reports, summaries, memos, runbooks, policies, plans, and procedures.

+ Develop data-driven recommendations to define and guide technical and tactical assessments of information operations, processes, and architectures

+ Development of detailed test plans providing an understanding of information operational challenges and requirements to inform technical objectives.

+ Conduct technical and operational analysis of alternatives between multiple technical approaches and develop actionable courses of action.

+ Understand and communicate best practices and recommendations into time-phased implementation plans and roadmaps.

+ Support the Global Cybersecurity Operations Manager in new projects and other security initiatives as required.

Risk Monitoring

+ Assess the need to investigate potential security incidents and the degree to which the investigation must happen.

+ Determine the need to escalate a security incident to management.

+ Act as a technical advisor during a cybersecurity incident response invocation; liaise with other technical responders within GTIL, the Member Firms, forensic experts and associated MSSP's.

+ Collaborate with GTIL and Member Firms (business stakeholders and remediation teams), to review and report on remedial actions.

+ Develop and maintain documentation on cyber security incident playbook and runbooks, process workflow, incident handling and response capabilities .

Person specification

+ Equivalent post high school education and/or work-related experience in Computer Science, Information Systems, or other Information Technology related field.

+ The successful candidate is data-driven, curious, an independent thinker, able to work autonomously, in an accountable, communicative, flexible, and creative fashion.

Experience - Essential

+ Minimum of 2-3 years working in IT Operations

+ Minimum of 2-3 years working in Information Security OR a combination of relevant experience

+ Demonstrated operational expertise:

+ Vulnerability management

+ Endpoint Detection and Response

+ Logging and Monitoring (SIEM, User Behaviour Analytics)

+ Windows client, server and hyper-visor operating systems

+ Cloud architecture (security controls and configurations).

+ The job requires effective communication (verbal and written) and project management skills to work with various levels and divisions within the organization.

+ Strong organisational and communication skills

+ Ability to learn and adapt to a constantly changing technology and threat landscape.

+ This role scope of responsibility will, on occasion, extend to include member firms across the globe, communication and relationship building is a key requirement.

+ Provides expertise and solutions for complex initiatives and is capable of making independent decisions.

+ Cultural awareness, the ability to work well with people from different disciplines and backgrounds.

+ Ability to be agile, respond positively to change and contribute with an innovative and global mindset.

Experience - Desirable

+ Security Operations Centre (SOC) experience

+ CompTIA Security+ or CySA

+ + Microsoft Azure AZ900, AZ500

+ Incident response experience

The base salary for this position with Grant Thornton International is between $80,000 and $120,000.

About Us

At Grant Thornton, we believe in making business more personal and building trust into every result - for our clients and you. Here, we go beyond your expectations of a career in professional services by offering a career path with more: more opportunity, more flexibility, and more support. It's what makes us different, and we think being different makes us better.

About the Team

The team you're about to join is ready to help you thrive. Here's how:

• Whether it's your work location, weekly schedule or unlimited flex time off, we empower you with the options to work in the way that best serves your clients and your life.

• Here, you are supported to prioritize your overall well-being through work-life integration options that work best for your and those in your household.

• We understand that your needs, responsibilities and experiences are different - and we think that's a good thing. That's why we support you with personalized and comprehensive benefits that recognize and empower all the identities, roles and aspirations that make you, well, you. See how at

• When it comes to inclusion, we are committed to doing more than checking boxes. Explore all the ways we're taking action for diversity, equity & inclusion at

Here's what you can expect next:

If you apply and are selected to interview, a Grant Thornton team member will reach out to you to schedule a time to connect. We encourage you to also check out other roles that may be a good fit for you or get to know us a little bit better at


We understand that your needs, responsibilities and experiences are different, and we think that's a good thing. That's why we support you with personalized and comprehensive benefits that recognize and empower all the identities, roles and aspirations that make you, well, you. For an overview of our benefit offerings, please visit:

+ Benefits for internship positions: Grant Thornton interns are eligible to participate in the firm's medical, dental and vision insurance programs and the firm's employee assistance program. Interns also receive a minimum of 72 hours of paid sick leave, and are paid for firm holidays that fall within their internship period.

+ Benefits for seasonal employee positions: Grant Thornton seasonal employees are eligible to participate in the firm's medical, dental and vision insurance programs and the firm's employee assistance program. Seasonal employees may also be eligible to participate in the firm's 401(k) savings plan and employee retirement plan in accordance with applicable plan terms and eligibility requirements. Seasonal employees receive a minimum of 72 hours of paid sick leave.

Grant Thornton employees may be eligible for a discretionary, annual bonus based on individual and firm performance, subject to the terms, conditions and eligibility criteria of the applicable bonus plan or program. Interns and seasonal employees are not eligible for bonus compensation.

Additional Details:

It is the policy of Grant Thornton to promote equal employment opportunities. All personnel decisions (including, but not limited to, recruiting, hiring, training, working conditions, promotion, transfer, compensation, benefits, evaluations, and termination) are made without regard to race, color, religion, national origin, sex, age, marital or civil union status, pregnancy or pregnancy-related condition, sexual orientation, gender identity or expression, citizenship status, veteran status, disability, handicap, genetic predisposition or any other characteristic protected by applicable federal, state, or local law.

Consistent with the Americans with Disabilities Act (ADA) and applicable state and local laws, it is the policy of Grant Thornton LLP to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to all aspects of employment, including the application process. To make an accommodation request, please contact [Click Here to Email Your Resumé].

For Los Angeles Applicants only: We will consider for employment all qualified Applicants, including those with Criminal Histories, in a manner consistent with the requirements of applicable state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.