CNM LLP

Senior Associate - Cyber Security

CNM LLP$90K — $130K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in information systems or computer science preferred
  • 3+ years in incident response, vulnerability assessments, penetration testing, ethical hacking, and security architecture design
  • 2+ years of application and web application security experience
  • Preferred certifications: CPTC, CPTE, GPEN, CEH, CISSP, CISM or CISA
  • Willingness to support IT internal audits and SSAE16 projects
  • Strong application penetration testing skills and familiarity with tools like Cenzic, Wireshark, and Burp Suite
  • Ability to communicate complex technical information to diverse audiences

Responsibilities

  • Conduct thorough security vulnerability and penetration testing on web applications and networks
  • Manage 1-3 project teams and complete IT security controls within budget
  • Create system narratives and evaluate design and operational effectiveness of controls
  • Demonstrate clear writing and verbal skills to explain technical issues simply
  • Deliver high-quality results with minimal review and feedback cycles
  • Improve skills through feedback and formal training programs
  • Balance competing client priorities while maintaining project momentum

Benefits

  • Opportunity for promotion to Manager after demonstrating skills
  • Participation in a mentoring program and firm-sponsored training
  • Flexible work location based on client needs
  • Engagement in continuous professional education (CPE) and SME training
  • Gaining experience in a fast-paced, collaborative environment with varied client engagements
Full Job Description
Job Description

If you're interested, here is the challenge for your first year with CNM LLP.
  • Demonstrates a thorough understanding of:
    • IT security risk assessment frameworks, including implementation experience
    • IT Security industry and regulatory requirements including participating in audits, or remediation activities for requirements such as PCI-DSS, Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Meaningful Use, SSAE-16 SOC 2 etc.
    • IT governance and security related frameworks, such as COBIT, NIST 800-53, ISO27000 and current cyber security trends
    • Conducting IT security technical and functional assessments, including drafting observations and recommendations, and assisting with remediation activities
    • Performing wireless, internal and external network, and web application vulnerability and penetration testing and the ability to document technical observations and recommendations
    • Vulnerability and Penetration Testing Standards such as OWASP top 10, DoD or NSA
    • Some scripting knowledge Windows, Unix, Bash, Python, Perl or Ruby
    • Security policies, tools and technology including Identity and Access Management, Data Loss Prevention (DLP), SIEM solutions, Firewall, Web Proxy, Anti-Virus, and Application Whitelisting solutions
  • Conduct technical security vulnerability and penetrations testing assessments on our client's web applications, wireless, internal and external networks and providing actionable and risk prioritized observations and recommendations
  • Complete the assigned IT security and application controls on 1-3 project teams, within the given budget with minimal supervision by:
  • Creating system narratives, identifying key controls, and concluding on design and operating effectiveness of key controls.
  • Demonstrating clear and concise writing, and verbal skills to communicate complex issues in simple terms to clients and team members.
  • Producing quality deliverables evidenced through minimal review time and review notes.
  • Actively improving technical and project management skills through on the job feedback, performance evaluations, mentoring and firm-sponsored formal training programs including monthly CPE and Subject Matter Expert (SME) training.
  • Responding to client needs and balancing the competing priorities with minimal client disruptions, while maintaining project progress.

Upon successfully demonstrating the skill set listed above you will have the opportunity to earn a promotion to Manager. As a Manager you will be responsible for:
  • Building internal teams through participation in our mentoring program and interviewing.
  • Managing one to several individual project teams, project scheduling, reviewing of workpapers, and being the primary point of contact between the CNM team and the client.


Qualifications

Qualifications:
  • Bachelor's degree is required in a related field; information systems or computer science preferred
  • Minimum 3+ years of relevant work experience in incident response, vulnerability assessments, penetration testing, ethical hacking, security architecture design, including supervisory experience, is required;
  • 2+ years of hands-on application and web application security experience
  • Certification(s) Preferred: CPTC, CPTE, GPEN, CEH, CISSP, CISM or CISA
  • Must have a willingness to learn and support IT internal audit, SSAE16 - SOC 1 Type II and Sarbanes-Oxley projects
  • Strong experience in performing application penetration testing, as well as using techniques and tools such as Cenzic, Wireshark, Kali Linuz, NMAP, Burp Suite, etc.
  • Must be able to articulate complex and technical information to a technical and non-technical audience
  • Ability to understand IT risks and implications to the business, identify weaknesses and recommend solutions
  • Self-directed, with the ability to thrive in a fast-paced and collaborative environment
  • Flexible, team player and deadline oriented
  • Flexibility to travel to clients within the greater Los Angeles Area


Are you ready for the challenge? If so please apply here.

You may also visit our company website www.cnmllp.com/careers.

Location: Our office is in located in Woodland Hills, but the location of our work is based on client locations primarily throughout the greater Los Angeles area.

About CNM LLP

CNM LLP is a certified public accounting firm that provides audit, tax, and advisory services to clients in various industries. The company was founded in 2006 and is headquartered in Pittsburgh, Pennsylvania. CNM's clients include privately held businesses, public companies, and non-profit organizations. The company's mission is to provide high-quality services that help clients achieve their financial goals.
Learn more about CNM LLP
Size
2,000 employees
Industry
Net Income
$10 million
Founded
2006
5 Year Trend
+10%
Revenue
$50 million

Similar Jobs

More Jobs at CNM LLP

More Information Technology Jobs

Find similar Senior Associate - Cyber Security jobs: