Senior Cybersecurity Risk Associate
Working at Drawbridge
At Drawbridge, we are committed to attracting and retaining the best individuals who enjoy working in a dynamic environment. You will be joining an agile team that will help you at every level of your career to identify and use your strengths to grow. This is an opportunity to work at a company that is open to new ideas as we build a dynamic and diverse environment for our employees. The work will be challenging and rewarding. You will gain hands on experience from a team who strives to see its employees succeed.
Working in Client Success
You will be joining a team of technical consultants who have a passion for understanding and defending against emerging cyber threats. Our clients rely on our expertise to help them navigate the constantly changing cybersecurity landscape, and our team of consultants pair their technical knowledge and industry insight to offer critical risk management advice. The technical advisory team works as a collaborative unit, with each member bringing a unique technical skillset to the table.
Our Values
- Innovation: As the market leader, Drawbridge draws on its in-depth, collective expertise in its constant effort to innovate both our platform and our approach to service
- Integrity: Our clients and partners lean on us because they know we are trustworthy and honor what we say
- Collaboration: We are here to win, and we only win when we work together across team
- Diversity: We are inclusive. We honor, respect, and appreciate each other’s differences and perspectives
In This Role You Will
- Conduct risk assessments and security audits of client cloud environments
- Assess the security posture of cloud platforms and infrastructure including but not limited to Microsoft 365, Google Workspace, Azure and AWS.
- Schedule, conduct, and lead risk assessment meetings with clients and IT providers.
- Assess operational business risks and provide remediation and mitigation guidance.
- Act as an escalation point for technical questions from clients and internal teams.
- Participate in the enhancement of existing Drawbridge products, reports, and processes.
- Assist and advise clients with cyber training, incident response, operational due diligence and/or SEC cyber audit requirements.
- Provide vulnerability remediation guidance for clients and service providers based on identified findings.
- Assist with internal and external penetration test engagements, providing clients and internal teams with remediation guidance related to test findings.
- Identify and evaluate complex business and technology risks, controls to mitigate risks, and related opportunities for control improvement.
- Learn applicable regulatory framework and compliance guidelines for cybersecurity (including but not limited to SEC, NFA, FCA, MAS).
- Maintain tracking of internal tasks, provide status updates to clients, team members, and managers, and ensure open and consistent communication with all stakeholders.
- Establish and maintain relationships with clients, IT providers, and other service providers.
You Have
- Sound knowledge of IT networking concepts including but not limited to segmentation, DNS, the OSI model, and network topology.
- Sound knowledge of cloud infrastructure controls and concepts related to solutions such as Microsoft 365, AWS, and Google Workspace.
- Familiarity with cybersecurity concepts such as business continuity, disaster recovery, incident response, and network security.
- Solid knowledge of vulnerability management concepts and methodologies.
- Proven experience in a client/customer facing role.
- Experience discussing technical concepts with a non-technical audience.
- Excellent written and verbal communication skills
- Excellent time management skill
Nice if you have
- Sound knowledge of security standards and frameworks such as, but not limited to, NIST, CIS, COBIT, etc.
- Previous experience deploying security controls and policies within cloud infrastructure environments.
- Knowledge of hedge fund, private equity, or RIA operations/compliance.
- CRISC, CISA, CISSP, CIPP, Security +, certifications.
Base Salary Range
We Offer
- Competitive compensation package
- Employer Retirement/401(k) plan with company contribution
- Medical, Dental, Vision Coverage, Disability, and Life Insurance
- Health Savings Account (HSA) or Flexible Spending Account (FSA)
- Generous Paid Time Off Policy
- Healthy Work/Life Balance
- Phone Reimbursement Perk
- Exclusive Employee Discounts & Perks offered through ADP and insurance
About Drawbridge
Drawbridge is a premier provider of cybersecurity software and solutions to the alternative investment industry. Its proprietary platform helps firms exceed and manage their governance, risk, and compliance (GRC) requirements while combatting sophisticated cyber threats and third-party risks. Drawbridge's platform connects business, compliance, and IT to empower firms to centralize and manage their most robust security programs, improve their risk profile, and raise institutional capital. With a tested team focused on value delivery and a 1000+ strong customer base, Drawbridge offers unmatched customer service and flexibility to help businesses proactively manage vulnerabilities, plan for growth, and reduce complexity. At Drawbridge, we are committed to attracting and retaining the best individuals who enjoy working in a dynamic environment.
Our Hiring Process
We want to hire the most qualified individuals. We’ve designed a multi-step selection process that may include interviews and assessments. We render decisions quickly and we’re eager to get to know you.
Affirmative Action and Equal Opportunity Employer
Drawbridge Partners, LLC is an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, non-disqualifying physical or mental disability, protected veteran status, or any other legally protected characteristic, in accordance with applicable law. All employment is decided on the basis of qualifications, merit, and business needs.