IT Risk & Cybersecurity Manager

at The Execu | Search Group
Location New York, NY
Date Posted November 30, 2021
Category Default
Job Type Full-time

Description

A public accounting firm located in New York City is actively seeking a dedicated and analytical professional to join their staff as their new IT Risk & Cybersecurity Manager. In this role, the IT Risk & Cybersecurity Manager will provide tax, assurance, advisory, and advocacy services to a diverse client base.

Responsibilities

The IT Risk & Cybersecurity Manager will:

  • Play a visible leadership role during client engagements: develop strategy and deliver solutions while managing up, down, and outward
  • Install structure and excellence over Enterprise Governance & Cybersecurity Risk Assessments, Data Privacy, Internal Audit, and ICFR/Sarbanes-Oxley programs
  • Oversee the development of written IT policies and operating procedures for clients across several domains: WISP, RIM, BCP/DR, Incident Response, Change Management, AUP, etc.
  • Build client confidence and participate in client relationship and business development activities
  • Maintain a deep understanding and advanced knowledge of commonly used IT governance, risk, and compliance frameworks

Qualifications

  • Bachelor's degree in Business, Accounting/Finance, Computer Science, MIS, or other IT or Cybersecurity-related field of study
  • 6+ years of experience working in Professional Services/Consulting, Internal Audit, Risk Management, IT Operations, Cyber- or Information Security, or a related field, either in professional services or industry
  • 3+ years of experience working with two or more of the following frameworks: CobiT, ISO, NIST, ITIL, SANS, FFIEC, SWIFT CSCF, COSO/ERM, RCSA, GTAG
  • 3+ years of experience working with two or more of the following regulations: Sarbanes–Oxley, GDPR, NYDFS Cybersecurity, NY Shield Act, CCPA, HIPAA, PCI-DSS

Desired skills

  • Advanced degree and/or industry experience
  • Advanced knowledge of IT General Control areas (e.g. Governance, SDLC, Change Management, Operations, Physical/Logical Security)
  • Experience managing GRC tools and work paper systems 
  • Hold one or more of the following certifications: CA, CPA, CIA, CISA, CSX-P, CISM, CISSP, and CDPSE