Cyber Security Manager – Cherry Bekaert LLP – Tysons Corner, VA
Note: We may earn a commission from products or services when you click on a link and make a purchase.
About the job
Cherry Bekaert is a Top 25 National CPA firm with a 70 year track record of providing value added Accounting and Advisory services to our clients. Our shared values, including uncompromising integrity, a passion for excellence and mutual respect have helped us get here.
This role has the flexibility to sit in multiple offices throughout our footprint, or possibly remote for the right resource, and will lead engagements providing IT Audit, consulting, and compliance services in the areas of
Due to sustained growth within our Information Assurance & Cyber Solutions practice, we are seeking a Manager to join our collaborative team.
- SOC 1/2/3 and other attestation engagements
- Cybersecurity Risk and Gap Assessments
- NIST Cybersecurity Framework, NIST 800-115, NIST 800-171, NIST 800-53 (FISMA, FedRAMP, etc.)
- ISO 27001/27002, PCI, HIPAA/HITRUST, FFIEC
- AICPA Cybersecurity Risk Management Framework
Overseeing or conducting cyber services in the areas such as:
- Readiness Assessments
- Vulnerability Assessments
- Attack & Penetration Studies
- Incident Response
- Cybersecurity Governance Risk & Compliance
If you enjoy using your Cyber Security consulting skills in an environment of learning, development, and growth, let’s have a conversation.
What Your Day Looks Like
The Manager supports the performance of technology, cybersecurity, privacy, and general control audit/advisory client service engagements, in addition to technical cybersecurity assessments. Under the supervision of a Partner, the Manager will help identify cybersecurity control weaknesses, design gaps, vulnerabilities, audit exceptions, and inefficiencies with appropriate recommendations to management.
- Support strong work papers conforming to the firm’s methodology/standards and participation in report drafting for client service delivery
- Identify and communicate results to leadership
- Ensure project quality control and oversight supervision of client engagements from start to finish, including adequate planning, execution, and direction while managing to budget
- Maintain a strong client focus by understanding the client’s business needs while developing productive working relationships with client personnel in order to accomplish audit objectives
- Strong project management skills, ability to multi-task and attention to detail
- Support the growth and maturity of staff development
- Technical report writing and research
What You Need For This Role
- Bachelor’s Degree, preferably in Information Security, Information Systems, Computer Science or Accounting
- 4+ years cybersecurity/IT Audit experience with at least 2 years working in a consulting firm environment
- Experience performing and managing SOC engagements and cybersecurity assessments against third party cybersecurity criteria (NIST, HIPAA, HITRUST, FFIEC, ISO, PCI, etc.)
- Proficient with technology risk management, cybersecurity governance principles, network & infrastructure cybersecurity best practices
- Knowledge of vulnerability assessment and penetration testing technologies, as well as incident response, host and network forensic technologies
- Working knowledge of desktop, mobile and endpoint operating systems, and networking technologies
- Proficient with cloud environments and technologies
- Familiar with cybersecurity solution offerings used to meet business and technical objectives
- Experience with IDAM, Active Directory/LDAP and other authentication technologies
- Willing to pursue relevant professional designations (ex. CPA, CISA, CISSP or CEH)
- At present, travel has been suspended; however, under normal circumstances this position has required the ability to travel approximately 30-50% of the time
Need Security Training? Certifications at Your Own Pace
- IBM Cybersecurity Analyst Professional CertificateIntroduction to Cybersecurity Tools & Cyber Attacks by IBM
- Generative Adversarial Networks (GANs) Specialization from DeepLearning.AI
- Agile Leadership Specialization from the University of Colorado
- International Cyber Conflicts from the State University of New York (SUNY)
- IT Fundamentals for Cybersecurity Specialization by IBM
- Google Cloud Security Professional Certificate from Google Cloud
- Google Cloud Networking Professional Certificate from Google Cloud
- Introduction to Blockchain Specialization from Association of International Certified Professional Accountants
- Candidates must demonstrate they are eligible to work in the United States.
- Available for Work Sponsorship: No
- Available for Work Sponsorship: No
What We Offer You
- Shared values, including uncompromising integrity, a passion for excellence, and mutual respect
- Collaborative environment focused on career advancement and professional development
- Competitive compensation and extensive training opportunities
- Flexible work arrangements with generous PTO
- “Dress for your Day” policy
Our mission is to make a difference for our people and for our clients. If these values align with yours, we’d like to hear from you. Please note that due to the high volume of applications, we can only respond if we are moving forward with your resume.
Our Benefits Cherry Bekaert cares about its people. We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. In addition, we offer a comprehensive, high-quality benefits program which includes medical, dental, and vision care; disability and life insurance; generous Paid Time Off; retirement plans; Paid Care Leave; and other programs that are dedicated to enhancing your personal and work life and providing you and your family with a measure of financial protection.
Cherry Bekaert provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law.
No Agencies Please