Sr. Associate, Cyber Strategy, Risk and Compliance

  • RSM US
  • Vancouver, British Columbia, Canada
  • Jun 23, 2022

Job Description

RSM's purpose is to deliver the power of being understood to our clients, colleagues and communities through world-class audit, tax and consulting services focused on middle market businesses. The clients we serve are the engine of global commerce and economic growth, and we are focused on developing leading professionals and services to meet their evolving needs in today's ever-changing business environment.

In order to address the most critical needs of our clients, RSM Canada established the Security and Privacy Risk Consulting group, comprised of cybersecurity professionals dedicated exclusively to serving the cyber security and information protection. This group includes experienced consultants dedicated to helping clients with preventing, detecting, and responding to security threats that may affect their critical systems and achieving regulatory compliance related to the handling, processing, and protection of sensitive information. We serve a diverse client base within a variety of industries, and we are relied upon to provide expertise within areas of information security risk management, security testing, enterprise architecture, governance, regulatory privacy compliance, and digital forensics.

We are looking for a Sr. Associate, Cyber Strategy, Risk and Compliance for our Security, Privacy & Risk practice! You will be responsible for assisting with building delivery capabilities, innovating service offerings and executing engagement delivery within risk consulting. You will continue the firm's mission to build and lead a world-class consulting practice that will offer RSM Canada's clients solutions for their IT security risks, data privacy risk management, technology vulnerabilities, incidents and data breach response, security architecture, and compliance with regulations and standards needs.

Responsibilities
  • Execute and deliver project tasks for complex technology environments
  • Present and communicate project status and risk-based observations and proposed solutions to clients' leadership teams
  • Identify business opportunities within current engagements to expand the scope of services rendered
  • Develop leading practice points of view of relevant cyber security related topics for internal marketing and external organizational branding
  • Communicate complex technical issues to client senior management through the ability to transform such data into non-technical and executive style reports and presentations
  • Leverage industry and technical expertise to identify improvement opportunities for assigned clients and assist with the development of remediation services for identified findings
  • Identify technological and operational risk mitigation opportunities
  • Deliver high-quality solutions in accordance with professional and industry standards
  • Develop and maintain relationships with stakeholders
  • Advise area leadership on the development and execution of the Security & Privacy Risk service line growth program

Basic Qualifications
  • 2-5 years of related work experience in IT risk, cybersecurity or data privacy consulting
  • Ability to communicate to clients regarding the strategic and tactical risks of advanced security threats, enterprise security management practices and innovative solutions to help mitigate information security risk factors
  • Ability to be market-facing to identify and potentially pursue new client prospects
  • Experience in and knowledge of delivering data protection, breach management and regulatory privacy assessments
  • Experience in and knowledge of delivering information security reviews and maturity assessments based on various frameworks and standards such as NIST CSF, ISO 27001/27002, and CIS Security Controls
  • Proven ability to effectively collaborate
  • Excellent writing and presentation skills
  • Creative thinking ability combined with individual initiative and flexibility in prioritizing and completing tasks
  • Desire and willingness to keep up with the security and privacy industry, following the industry's advancements, challenges, and discoveries
  • Willingness to travel up to 10%

Preferred Qualifications

  • Bachelor's degree in Information Security, Computer Science, Information Systems Management, or related discipline
  • Any of the following certifications:

o Certified Information Systems Security Professionals® (CISSP®)

o Certified Information Systems Auditor® (CISA®)

o Certified Information Security Manager® (CISM®)

o Certified Information Privacy Professional (CIPP)

o Certified Ethical Hacker (CEH)

o GIAC certifications

o Equivalent security certifications
  • Strong technical knowledge in any of the following:

o IT security governance and risk

o Security architecture

o Deployment of security appliances such as DLP, SIEM, IDS/IPS
  • In-depth knowledge of the security and privacy provisions of a variety of regulations and standards such as NIST CSF, PCI, NERC/CIP, SOX, Canadian and EU Privacy Laws, ISO, and NIST 800 series
  • Experience working in a virtual environment, completing projects with team members based in various locations, domestically and globally


In accordance with applicable law and RSM policy, prospective hires will be required to demonstrate that they have been fully vaccinated for COVID-19. If not vaccinated for COVID-19 they must qualify for an accommodation to this vaccination requirement or participate in testing. If you are located in New York, pursuant to current applicable law, you will be required to be vaccinated to enter the New York office and testing is not an option to enter the New York office.

You want your next step to be the right one. You've worked hard to get where you are today. And now you're ready to use your unique skills, talents and personality to achieve great things. RSM is a place where you are valued as an individual, mentored as a future leader, and recognized for your accomplishments and potential. Working directly with clients, key decision makers and business owners across various industries and geographies, you'll move quickly along the learning curve and our clients will benefit from your fresh perspective.

Experience RSM. Experience the power of being understood.

RSM is an equal opportunity/affirmative action employer. Minorities/Females/Disabled/Veterans.

Job ID: req28712_Vancouver

Line of Business: Consulting Services

SubFunction: RC SPRC CSRC Gov Risk Strategy

Job Type: FullTime

Req #: req28712_Vancouver

Location: Vancouver, BC CA

Region: Canada Region

Job Category: Business Consulting/Technology

Employment Type: Experienced

Degree Required: None

Travel: Yes

Salary Range: $Salaried - $