Cybersecurity and IT Audit Manager - Risk Advisory

    • Job Tracking ID: 512240-745911
    • Job Location: Boston, MA
    • Job Level: Management
    • Level of Education: BA/BS
    • Job Type: Full-Time/Regular
    • Date Updated: October 12, 2020
    • Years of Experience: 7 - 10 Years
    • Starting Date: ASAP
Invite a friend
facebook LinkedIn Twitter Email

Job Description:

Blumshapiro, New England’s largest regional accounting, tax and advisory firm, is seeking a Cybersecurity Manager for its Risk Management Advisory practice in Massachusetts (Boston and Quincy). The professional in this role will provide information security and compliance consultative services to middle-market/large organizations. Primary responsibilities will include the following:

  • Provide expertise and deliver cybersecurity and IT audit services in the Massachusetts markets, with occasional travel outside Massachusetts
  • Advise clients in improving information security and cybersecurity practices
  • Perform information security risk assessments and cyber threat analyses
  • Perform gap analyses according to various technology / compliance standards
  • Understand and document IT internal controls for organizations’ process/data/workflow
  • Evaluate and Test IT general and application controls
  • Provide hands-on contribution to cybersecurity and technology vulnerability assessment projects
  • Develop creative, logical solutions and assisting in the presentation of findings and recommendations to clients
  • Interact with clients on a regular basis for various cyber-security and IT audit related projects
  • Ensure that the engagement is conducted in a timely and accurate manner and all significant matters have been identified, resolved, a documented in accordance with Firm policies and professional standards
  • Perform monthly billing
  • Leveraging blumshapiro’s collective technical knowledge
  • Attend professional networking events and speaking engagements
  • Contribute to cybersecurity thought leadership content
  • Develop potential referral sources
  • Create proposals and managing the proposal and sales process from initial conversation to contract signing, including collaborating with other experts and service lines within the firm
  • Develop new products/services that can be marketed
  • Enhance technical expertise through training, involvement in trade organizations and by staying current on relevant industry developments
  • Participate in firm committees and initiatives


Experience and Skills:

  • Bachelor’s degree in cybersecurity, information technology, business information systems, accounting or a related field is required
  • Professional cybersecurity, technology consulting and/or IT audit background and/or experience preferred
  • Strong experience evaluating the security of various IT infrastructure, servers, networks, domains and other systems using security tools is preferred
  • Knowledge of various security compliance standards and best practices (ex: ISO 27002, CSA, PCI, CIS, NIST 800 Series)
  • One or more of the following certifications (CPA,CISA,CIA,CISSP,CRISC ) preferred
  • Understanding of various security governance frameworks (ex: COBIT, COSO, NIST CSF, ISO 27001)
  • Strong knowledge of IT audit and reporting frameworks (ex: SOC-1, SOC-2, Shared Assessments)
  • Strong business development and selling skills, generating leads, making contacts and securing clients
  • Ability to problem-solve and think both creatively and logically
  • A demonstrated ability to self-direct and effectively organize, prioritize and manage multiple projects under tight deadlines
  • Ability to create various types of reports: presentations, findings/recommendation and workflow documents
  • Outstanding leadership and talent development experience
  • Excellent analytical and organizational skills
  • Exceptional written and verbal communication skills
  • Proficient with MS Office tools (Office365, Word, Excel, Access, PowerPoint, Visio, Teams)