DHG ranks among the top 20 public accounting firms in the nation. With more than 2,000 professionals in 30+ offices located in 13 states, we combine extensive tax, assurance and advisory experience with a focus on relationships and personal service to help our clients achieve their goals. People, careers and flexibility are at the heart of DHG’s culture, making it a great place to build a valuable career.
The Cybersecurity Manager supervises multiple client engagement teams performing assessments, audits, and advisory consulting associated with cybersecurity governance, risk, and compliance. The DHG Cybersecurity Team’s engagements vary considerably in size and complexity and require a combination of understanding of various technologies, cybersecurity compliance frameworks, and extensive client interaction. All of our IT Advisory services are designed for the dual purpose of strengthening internal controls and meeting compliance requirements.
IT advisory services focus on helping clients protect the security and integrity of their information by assessing the people, processes, and technology in place. Types of engagements for this role are likely to include PCI compliance assessments, cybersecurity risk and technical assessments, cyber policy procedure reviews, and Service and Organization Controls (SOC) 1, 2, 3, and SOC for Cyber reporting.
- Execute assessments within the domains of: Security Policy, Security Governance, Access and Authentication Management, Threat and Vulnerability Management, Security Infrastructure and Architecture, Application Security Architecture, and Incident Response Management.
- Oversee the performance of cybersecurity staff, leading assessment testing procedures, and reviewing team members’ work product.
- Analyze documentation, process information, technical configurations, or other client provided information and document the results of conversations and analysis.
- Stay abreast of current and emerging security risks across multiple industries, including healthcare, financial, retail, insurance, and public sector.
- Research new technologies, understand existing processes, and reference recognized standards and frameworks.
- Clearly articulate the status and results of work performed, both orally and in written form, to internal management and DHG clients.
- Interface with our project clients to identify and understand potential risk areas.
- Contribute to the definition of final project scope, approach, and deliverables.
- Develop other staff in assessment methodology and the understanding of IT processes and controls, and direct some staff activities.
- Operate effectively and with minimal supervision, within a team or independently, performing special projects and related duties, as assigned.
- Pursue continuous professional development through internal/external training, certifications and/or continuing education.
- Identify opportunities for continuous improvement and enhancement to work programs and processes.
- Minimum of 5 years of experience in the cybersecurity industry required, with 2-3 years of experience in cybersecurity governance, risk, and/or compliance audit and assessment preferred.
- Bachelor’s Degree in Cybersecurity, Computer Science, MIS, Information Security, or a related discipline required.
- Strong IT Security knowledge required. Specifically, knowledge in one or more of the following areas: application security, network security, IT infrastructure, Windows and/or Linux system administration, database security.
- Working experience and/or knowledge of web and mobile technology preferred.
- Experience with common security risk frameworks, including NIST 800-53 controls, the NIST Cybersecurity Framework, HIPAA, PCI, and CIS Critical Security Controls required.
- Strong conceptual thinking aptitude required.
- Strong interpersonal skills, including: written and verbal communications, willingness to assist in areas outside of direct assignments when necessary, and commitment to self-improvement and completion of team objectives required.
- Professional certification (e.g., CISSP, CISM, CISA, SANS, etc.) is a plus. Willingness to work toward achieving professional cyber credentials is required.
- Previous experience as a PCI Qualified Security Assessor and/or HITRUST Certified Assessor is a plus, but not required.
- Previous consulting, internal audit, or compliance experience is a plus.
- Ability to travel up to 60% annually, primarily in the southeastern United States, preferred. Typical travel in this role is 50 to 75% annually.
EEO Statement
DHG endeavors to make the DHG Recruiting Website accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please use this email link. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications or system support.
DHG is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, and if you would like more information on your EEO rights under the law, please review the “Employment Notices and Disclaimers” link at the bottom of the web page.
DHG is happy to work with our external recruiting partners in identifying best-in-class talent. As our firm is held to the highest standards of compliance and integrity in interviewing, we require that resumes be presented only to representatives of the Talent Acquisition team after signing a DHG agency agreement.
Agency Recruiters: DHG will not be liable for any staffing or recruiting fee associated with the submittal of any unsolicited candidates to any DHG employee outside of the Talent Acquisition team or without a signed fee agreement with the Talent Acquisition team.