Cybersecurity Associate - Drawbridge Partners, LLC (Schenectady)
Compensation: $118,140.00 - $187,860.00 /year *
Employment Type: Full-Time
Industry: Information Technology
About Drawbridge Partners, LLC
Drawbridge Partners is a cybersecurity consulting firm specializing in the needs of hedge fund and private equity managers. With proven results and extensive industry experience, Drawbridge Partners assists managers with building and maintaining a rigorous cybersecurity program to protect their sensitive data. Cybersecurity, advanced data protection, and a highly secure systems infrastructure are an absolute requirement for ensuring future success in the alternative investment space. Drawbridge Partners will engage in logical, technical, and human processes, which will provide state-of-the-art innovations to create a program that exceeds regulatory guidelines and investor demands.
Working at Drawbridge Partners, LLC
At Drawbridge Partners, we are committed to attracting and retaining the best individuals who enjoy working in a fast-paced environment. You will be joining an agile team that will help you at every level of your career to identify and use your strengths to grow. This is an opportunity to work at a company that is open to new ideas as we build a dynamic and diverse environment for our employees. The work will be challenging and rewarding. You will gain hands-on experience from a team that strives to see its employees succeed.
We are looking for highly motivated, results-oriented individuals who have an entrepreneurial spirit to join our fast-growing team. Excellent communication skills are a MUST. If this sounds like you, and you're ready to take the next step in your career at a company that is invested in YOU, please send your resume with a cover letter to ...@drawbridgepartnersllc.com.
General Responsibilities
- Assist with client projects and develop the skills to lead projects as your time at Drawbridge Partners continues.
- Assist with tailoring the project management framework, approaches, and methods to help streamline projects.
- Identify tasks necessary to remediate identified risks and vulnerabilities for clients and service providers.
- Conduct risk analysis, assessments, and security audits using internal and third-party tools.
- Demonstrate an advanced understanding of business processes, internal control risk management, IT controls, and related standards.
- Identify and evaluate complex business and technology risks, controls to mitigate risks, and related opportunities for control improvement.
- Understand business, information technology, risk, and operational management processes.
- Interpret controls and provide suggestions for mitigation strategies to clients and service providers.
- Learn the regulatory framework and compliance guidelines for cybersecurity for the SEC, NFA, FCA, MAS, and any other regulatory agency applicable to our clients.
- Ensure projects are completed within a reasonable time frame and monitor the status of projects.
- Initiate periodic check-ins with clients to ensure services and projects are up to par with client expectations.
- Follow up with clients and service providers to ensure document requests or documents needing review are addressed.
- Update internal trackers, provide status updates to project managers, and ensure other internal matters relating to projects or clients are kept up-to-date.
- Maintain relationships with clients, IT providers, and other service providers.
Project Responsibilities
- Prepare summary and gap analysis reports highlighting the features of our clients' cybersecurity programs.
- Schedule, conduct, and lead risk assessment meetings with clients and IT providers to obtain information regarding a client's security and privacy controls.
- Prepare risk assessment reports and discuss the assessment findings with clients.
- Conduct cybersecurity due diligence on our clients' service providers.
- Conduct vulnerability scans on client networks and send scan reports to clients.
- Conduct live or schedule online training for clients.
- Schedule online phishing exams, set phishing exam timeframes, monitor phishing campaigns, and prepare phishing reports.
- Conduct live or virtual incident response tabletop exercises.
Minimum Qualifications
- Strong knowledge of security standards and frameworks such as, but not limited to, NIST, CIS, COBIT, etc.
- A diverse understanding of security disciplines.
- Knowledge of auditing standards and frameworks such as, but not limited to, COSO, ITAF, and ISO.
- CRISC, CISA, CISSP, CIPP, Security+ certifications are a huge plus.
- Previous experience with vulnerability management software such as Qualys, Nessus, Tenable, etc.
- Previous experience conducting risk assessments is a plus.
- Experience in a client/customer facing role.
- Knowledge of IT infrastructure, Cloud Technology, Business Continuity, Disaster Recovery, and Incident Response.
- Ability to effectively communicate with clients and maintain strong client relationships.
- Ability and willingness to take on projects outside of the regular scope of work.
- Strong team spirit, balanced by a healthy sense of autonomy.
- Excellent written and verbal communication skills.
- Excellent time management skills.
- Knowledge of hedge fund, private equity, or RIA operations/compliance a huge plus.
Associated topics: attack, cybersecurity, forensic, iam, idm, information technology security, malicious, security engineer, threat, violation
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.