Job Purpose
The role is to support the team in delivering internal audits but also larger scale advisory engagements. This means assisting in all aspects of the project lifecycle primary execution of fieldwork and preparation of deliverables including actively contributing to final recommendations.
Your responsibilities include:
1. Actively involve in the delivery of our Internal Audit/Consulting engagements.
2. Act a subject matter expert in various security and risk management domains (e.g., IT risk management, cyber risk, security target operating model, governance, compliance, cyber security maturity assessment, metrics and C-level dashboards…) and leading industry-based practices (e.g. NIST CSF, ISO 2700x…)
3. Managing the coordination and communication of key findings and results of engagements, producing written reports and supporting oral presentations to senior client management and key senior stakeholders
4. Maintaining an expertise and currency in industry trends
5. Managing and mentoring junior consultants assigned as members of engagements
6. Contributing to the development of project management, quality assurance and professional consulting and auditing approaches/methodologies.
The Candidate
We're looking for someone who is seriously interested in the cyber security area and wants to get first-hand experience in working in multiple industries with companies who need our help. We will help support you in every step of the way with on the job training as well as support for attaining industry professional certifications which will enhance your career in this field.
Skill, Knowledge & Experience
The candidate will be expected to use their technical expertise to delivery projects and to ensure that our clients comply with their regulatory obligations including NIS2 or DORA.
You will need to have a broad experience of security risk management and have evidence of experience in a number of the following fields of expertise:
7. Full understanding of the DORA regulation & NIS2 Directive and experience in implementing the regulations
8. Experience working with regulated financial services entities
9. 3+ years' varied experience in information security, risk management
10. Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53 / CSF, NIS2 and DORA
11. Hands-on experience building credibility with external stakeholders
12. Proven ability to guide and collaborate with senior stakeholders in a similar GRC, security, or risk management role
13. Excellent communication skills, with the ability to present complex information clearly and effectively to non-technical stakeholders
14. The ability to explain complex topics to a diverse range of audiences
15. Strong attention to detail and the ability to deliver high quality work
16. CompTia Security +, CRISC, CISM or CISSP certification advantageous.
About Forvis Mazars
Forvis Mazars is a leading global professional services network. The network operates under a single brand worldwide, with just two members: Forvis Mazars LLP in the United States and Forvis Mazars Group SC, an internationally integrated partnership operating in over 100 countries and territories.
Both member firms share a commitment to providing an unmatched client experience, delivering audit & assurance, tax and advisory services around the world. Together, our strategic vision strives to move our clients, people, industry and communities forward. Through our reach and areas of expertise, we help organisations respond to emerging sustainability issues in the global marketplace including human rights, climate change, environmental impacts and culture.
We are one diverse, multicultural, multi-generational team with a huge sense of connection and belonging. This is a place where you can take ownership of your career, get involved, believe in yourself and put your ideas into action.
At Forvis Mazars, we empower our people and celebrate individuality. We thrive on teamwork and are agile. We have bold foresight and give people the freedom to make a personal contribution to our shared purpose. We support one another to deliver quality, create change and have a deeper understanding, to help make an impact so that everyone can reach their full potential.
Being inclusive is core to our culture at Forvis Mazars; we want to ensure everyone, whether in the recruitment process or beyond is fully supported to be their unique self. To read more about our approach click here.
Our aim is to make the recruitment process as accessible and inclusive as possible - please contact us to discuss any changes you may require so we can work with you to support you throughout your application.
Visit forvismazars.com/uk to learn more.