Cyber Risk Senior Manager – Cloud Security
The professionals in Grant Thornton’s Cybersecurity & Privacy practice help organizations build cybersecurity strategy into their overall business strategy. This includes supporting our clients to identify and understand their cyber risk exposure, design and implement cybersecurity programs and solutions to mitigate cyber threats and protect their assets, and respond to cyber-attacks and incidents. This practice area is in high-demand and rapidly growing, offering a rewarding and challenging working environment and great career growth potential.
As a member of Grant Thornton’s Cybersecurity team, you will have the opportunity to collaborate with our clients and deliver technical consulting services with a focus on identifying cyber threats, vulnerabilities and risks and supporting the design and implementation of operational security strategies, solutions and architectures with a concentration on cloud environments.
The Senior Manager role offers an excellent opportunity to leverage and display your technical knowledge and experience while broadening your business and project management skills. Responsibilities include end-to-end cybersecurity engagement management, performance of cybersecurity assessments, design and implementation of operational security solutions, and developing and supervising other Grant Thornton Cybersecurity colleagues. The Cloud Security Senior Manager is responsible for supporting the growth of the practice, as well as delivering a full range of services to clients and managing projects, teams and budgets for multiple clients. In addition, Senior Managers are responsible for driving all aspects of practice development, including business development, marketing, thought leadership, mentoring and team building.
Essential Duties and Responsibilities
Demonstrate advanced understanding of various cloud architectures, deployment types (private, public, hybrid) and service types (IaaS, PaaS and SaaS).
Demonstrate deep knowledge across major cloud service provider platforms, including AWS, Azure, GCP and O365.
Manage and lead the performance of technical cloud security assessments and evaluations as well as developing and implementing recommended strategies for mitigating Cyber risk.
Engage with clients to develop, establish and enhance cloud security strategies and programs with supporting architectures, processes and controls.
Assist practice leadership in creating proposals, budgets, and work plans. Participate in other business development activities with existing and new clients.
Manage business development activities, including development of proposals, identifying new opportunities, representing Cyber risk on account teams, writing whitepapers, attending conferences, and/or developing thought leadership material
Perform engagement management responsibilities, including performance reviews, task delegation, project scheduling, project financials, quality review and client management.
Adhere to the highest degree of professional standards and strict client confidentiality.
Communicate (verbally and in writing) externally with clients and internally with all levels of the organization to successfully accomplish objectives portraying knowledge and confidence.
Proactively interact with key client management to gather information, resolve problems and make recommendations for improvements.
Develop relationships with clients with the intention to exceed client expectations.
Ability to manage multiple engagements and competing priorities in a rapidly growing, fast-paced, interactive, results-based team environment.
Drive the development of thought leadership, external webcasts and other brand building activities.
Manage, develop, train, coach and mentor staff on projects and assess performance for engagement and annual reviews.
Interview campus and/or experienced candidates.
Additional duties as assigned.
Required Skills and Experience
Bachelor’s and/or Master’s degree in Information Technology, Computer Science or Cybersecurity related field is required.
8+ years of related work experience in a similar consulting practice or function, servicing cross- industry clients at a national level.
Certification(s) Required: Obtained or demonstrates an active pursuit of one or more of the following certifications: Certified Information Systems Security Professional (CISSP), Certificate of Cloud Security Knowledge (CCSK) from Cloud Security Alliance (CSA), or other related cloud security certifications.
Experience working with leading cloud service provider platforms (Azure, AWS, GCP, O365) and their related services promoting a strong security posture.
Experience assessing and implementing solutions and controls in accordance with leading cloud security practices, including the areas of administration, IAM, logging and monitoring, compute environments, networking, storage and data protection.
Experience with cloud security assessment tools such as those offered by Crowdstrike, Rapid7, and Tenable.
Hands-on technical cloud engineering experience performing configurations and deploying workloads is a plus.
Familiarity with leading security frameworks and standards, such as National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), International Organization for Standardization (ISO) 27001/2, Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM).
Experience developing and managing client relationships to drive pipeline activities and support the development of the account.
Experience in project management and the ability to clearly communicate cloud security concepts verbally on both a formal and informal basis to all levels of client staff.
Exceptional client service and communication skills, with a demonstrated ability to develop and maintain outstanding client relationships.
Ability to work additional hours as needed and travel on a regular basis to clients as required.