DescriptionThe professionals in Grant Thornton's Cybersecurity practice help organizations build cybersecurity strategy into their overall business strategy. This includes supporting our clients to identify and understand their cyber risk exposure, design and implement cybersecurity programs and solutions to mitigate cyber threats and protect their assets, and respond to cyber-attacks and incidents. Grant Thornton’s Cybersecurity practice is in high demand and rapidly growing, offering a rewarding and challenging working environment and great career growth potential.
As a member of Grant Thornton’s Cybersecurity team, you will have the opportunity to collaborate with our clients and deliver technical cybersecurity consulting and advisory services across a broad spectrum of areas, including threat protection, data protection, security engineering, and incident response readiness activities.
The Manager role offers an excellent opportunity to leverage and display your technical knowledge and experience while broadening your business and project management skills. Responsibilities include managing and performing cybersecurity assessments, design and implementation of threat protection solutions, end-to-end client engagement lifecycle management, and supervising other Grant Thornton colleagues. The Manager is also responsible for supporting the growth of the practice through business development activities.
Your day-to-day may include:
- Manage, lead and perform threat protection engagements, including Microsoft Sentinel deployments, endpoint security and Microsoft Azure security hardening.
- Manage and support cybersecurity assessments consisting of security architecture reviews, system configuration reviews and cloud security evaluations.
- Manage and support cybersecurity incident response readiness activities, including tabletop exercises and evaluations of incident response capabilities.
- Support cybersecurity risk and control remediation and security control implementation activities.
- Develop deliverables from technology deployments and assessments performed and develop tailored recommendations to mitigate associated cyber threats and risks.
- Manage assigned client engagements from start to finish, which includes engagement planning, fieldwork execution and reporting.
- Develop strategic recommendations and consultative guidance for clients to help mature their cybersecurity programs, technology, processes and capabilities.
- Remain current and apply knowledge of cybersecurity trends and risks.
- Communicate and collaborate externally with clients and internally with all levels of the organization to successfully accomplish objectives portraying knowledge and confidence.
- Proactively interact with key client management to gather information, resolve problems, and make recommendations for improvements.
- Develop and manage client relationships with the intention to exceed client expectations.
- Adhere to the highest degree of professional standards and strict client confidentiality.
- Participate in professional development activities and training sessions on regular basis.
- Other duties as assigned.
You have the following technical skills and qualifications:
- 5+ years of related cybersecurity experience in a similar consulting practice or function.
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field is required
- CISSP, CISM, GIAC (e.g., GSEC, GCIH, GISP, etc.), cloud security (e.g., AZ-500, SC-200, SC-300, SC-400, AWS Certified Security, Google Cloud Professional Architect / Security Engineer) or other related certifications required
- Strong project management skills and the ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment.
- Experience with practice development and client pursuit activities.
- Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships.
- Strong professional verbal and written skills.
- Experience leading and managing one or more of the overarching areas below:
- Conducting design and deployments of Microsoft Threat Protection technology (Microsoft Sentinel, Microsoft Defender for Endpoint, and various Microsoft Defender technologies (Identity, Office 365, Cloud)
- Proven experience conducting Security Information and Event Management (SIEM) solution deployments (with a focus on Microsoft Sentinel), including configuring content (analytics, workbooks, and/or playbooks/automation), as well as integrating deployed solutions into organizational Managed Detection and Response (MDR) services.
- Proven experience performing security hardening of Microsoft Azure environments
- Reviewing security architecture deployments and assessing and/or implementing secure configurations for common network devices (routers, switches, firewalls), server operating systems (Windows and Linux) and database management systems.
- Assessing and/or implementing security solutions and controls within cloud service provider platforms (e.g., AWS, Azure, GCP, O365).
- Working knowledge of cybersecurity industry leading practices and frameworks, such as NIST CSF, CIS Controls, CIS Benchmarks, OWASP, MITRE ATT&CK.
- Familiarity with common cyber event detection and threat and vulnerability management security solutions.
- Excellent analytical, organizational and project management skills.
- Can travel as needed