At Grant Thornton, our people drive our passion for the business of accounting. Discover a place where you’ll work with a team of professionals dedicated to providing bold leadership and distinctive client service. Spend each day engaged in meaningful and challenging work. Be supported in your professional growth and recognized for your contributions.

Learn what it’s like to work with people who love what they do at a firm that invests in its people - Experience Grant Thornton!

Grant Thornton LLP is one of the fastest growing accounting firms with 50 offices in the United States and member firms in more than 100 countries. We strive to help our partners and employees achieve their professional and personal goals by creating a positive Grant Thornton Experience built on our Global Values: Collaboration, Leadership, Excellence, Agility, Respect and Responsibility.

Visit www.GrantThornton.jobs today.

Senior Security Analyst
 
Position Summary:
The Senior Security Analyst will be responsible for ensuring that Information Technology resources are secure from unauthorized use, while also ensuring authorized users have appropriate access to systems and information to meet the daily and strategic business of the firm. The Senior Security Analyst position carries with it the responsibility for the design and architecture of the firm’s information security program, which includes the design of policies, guidelines, and procedures, as well as overseeing the monitoring activities to identify any potential information risks to the institution. This responsibility requires this position to create, refine, and implement necessary guidelines and procedures to ensure the safety of information assets, and to protect systems from intentional, inadvertent access or destruction.
 
Essential Duties and Responsibilities:
 

Architect, implement and continually improve a comprehensive information security program which documents Grant Thornton’s objectives, strategies and tactics for ensuring the organization has an appropriate information security environment.
Provide security consulting services for Information Technology initiatives.
Significant contribution to the governance of information security by interpreting, communicating, and implementing appropriate changes to policies, procedures, guidelines and systems.
Participate in the evaluation process for both existing and proposed information safeguards and make recommendations for improvement where needed.
Support the pursuit of engagements by providing details of our security program when requested by Grant Thornton’s clients and prospects.
Ensure that a consistent vulnerability management strategy is implemented.
Participate in testing of implementations and solutions for vulnerabilities.
Conduct threat and risk assessments.
Investigate and report on internal and external security threats, breaches and violations
Work as a liaison with vendors and the legal and purchasing departments to establish mutually acceptable contracts and service-level agreements.
Participate in Grant Thornton’s business continuity and recovery planning and testing processes.
Work with IT leadership to develop budget projections based on short-and long-term goals and objectives.
Manage external vendor relationships and activities such as vendor assessments, penetration tests, vulnerability assessments and risk assessments.
Maintain a knowledge base comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations.
Implement security awareness training for all staff within the organization and monitor the effectiveness of such training.
Provide guidance on information security practices to other Grant Thornton International member firms.

Required Skills and Experience:

Bachelor’s degree or equivalent; or 5 to 7 years related job experience and/or training; or equivalent combination of experience and training. Specific experience must include information systems and network security. Following are additional essential qualifications required for this position:

· Understanding of physical security measures including law enforcement procedures and forensics.
· Familiarity with information security laws, acts, and regulations impacting the operations of Grant Thornton and its clients.
· Professional services experience, specifically with accounting or technology consulting, is preferred.
· Knowledge of network infrastructure, including routers, switches, firewalls and associated network protocols and concepts. Working knowledge of database security.
· Familiarity with the Windows operating system, firewalls technologies, Cisco routers & switches, ISS intrusion detection systems, security monitoring tools and methodology.
· Experience with common information security management frameworks, such as International Standards Organization (ISO) 17799/27001 and the IT Infrastructure Library (ITIL), Control Objectives for Information and Related Technology (CobiT) and National Institute of Standards and Technology (NIST) frameworks.
· Excellent technical knowledge of mainstream operating systems (for example, Microsoft Windows and Sun Solaris) and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance and desktop security tools
· Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management and business personnel.
· Experience in developing, documenting and maintaining security policies, processes, procedures and standards.
· Proficiency in performing risk, business impact, control and vulnerability assessments.
· Audit, compliance or governance experience preferred.
· CISSP, CISA or equivalent certification preferred.
· Keeps current on new technologies and applies acquired knowledge to current systems where appropriate.

Must be able to read, analyze, interpret and apply common security practices in a business environment. Must be able to respond to threats and implement responses to situations in a timely manner. Must have a broad understanding of security concepts and how to apply them in real world situations. Must have Ability to interact with Grant Thornton personnel and build strong relationships at all levels, and across all business units and organizations, and to understand business imperatives.

Benefits:

Benefits:

Grant Thornton LLP promotes a nationally recognized culture of health and offers an extensive array of benefits to meet individual lifestyles. For a complete list of benefits please visit www.gt.com .