Job Field Widget
In order to address the most critical needs of our clients, RSM US LLP established the Security and Privacy Services group, comprised of more than 150 professionals dedicated exclusively to serving the cybersecurity needs of our clients. This group includes experienced consultants located throughout the country dedicated to helping clients with preventing, detecting, responding and recovering to security threats that may affect their critical systems and data. We serve a diverse client base within a variety of industries, and we are relied upon to provide expertise within areas of security testing, architecture, governance and compliance, digital forensics and security transformation.
We are seeking individuals to fill a variety of positions focused on development and implementation of reusable security patterns across on premise and cloud infrastructures. These positions will assist in requirements gathering, threat modeling, and architectural review of DevOps and InfraOps pipelines, as well as client network and application architectures. These individuals will conduct workshops and other support activities to aid clients in establishing and reviewing reusable security patterns in hybrid- and multi cloud- environments. Finally, these individuals contribute to internal code repositories established to deploy and configure client infrastructure based on defined security requirements, primarily leveraging Terraform and Ansible.
At RSM, Senior Associates work with large and small companies in variety of industries. They develop strong working relationships with clients built on understanding their businesses and challenges facing the organization. Senior Associates work on multiple team engagements each year, including several facets of any particular project-not just a single area of focus. Working in a mutually respectful team environment helps our Senior Associates perform at their best and integrate their career with their personal life. You will have the opportunity to:
Lead development of enterprise security architecture solutions spread across on premise and cloud platforms
Create cloud based programs, performing threat simulations to detect possible risks, and providing security recommendations on topics like micro services design or application development
Develop security controls and processes for products developed and deployed in cloud environments
Provide instruction and direction on secure cloud based coding concepts
Develop in-depth security architecture, design and coding standards across infrastructure, application and data security, to drive a standardized set of security requirements, and align with internal policies and meet external compliance/regulatory requirements
Perform threat modeling, conduct reviews of security architecture and platform/service designs, and audit source code
Develop security tools and automation using Ansible and/or Terraform playbooks
Develop and deliver security training to clients and internal teams
Support for mentoring, team building and recruiting activities
Basic qualifications for a Senior Associate-level position include:
Minimum B.A. or B.S. degree or equivalent from an accredited university by the time employment commences
Computer science, information technology, information systems management, or other similar degrees preferably with a focus on information security
Strong working knowledge of computer network technologies, protocols and topologies
Proficiency with a variety of cloud platforms including AWS, Azure and Google
The ability to interpret and convey technical information through written and oral communications to all levels of technical aptitude, including senior management
High degree of integrity and confidentiality, as well as ability to adhere to company policies and best practices
Possess a strong internal drive and motivation for continuous improvement
Beneficial, but not required, qualifications for a Senior Associate-level position include:
Practical hands-on or lab experience with traditional network infrastructure, servers, storage, a network and virtualization software, as well as cloud concepts such as containers, dockers, kubernetes, etc.
Experience with testing and development frameworks, with regards to their applicability to cloud environments, such as the Open Web Application Security Project (OWASP), Open Source Security Testing Methodology Manual (OSSTMM), the Penetration Testing Execution Standard (PTES), Information Systems Security Assessment Framework (ISSAF), and NIST SP800-115
Familiarity with security testing techniques such as network discovery, port and service identification, vulnerability scanning, network sniffing, penetration testing, and configuration reviews
Familiarity with the application of security and privacy provisions to cloud environments across a variety of regulations and standards such as PCI, ISO 27000 series, NIST SP 800 series, etc.
You want your next step to be the right one. You've worked hard to get where you are today. And now you're ready to use your unique skills, talents and personality to achieve great things. RSM is a place where you are valued as an individual, mentored as a future leader, and recognized for your accomplishments and potential. Working directly with clients, key decision makers and business owners across various industries and geographies, you'll move quickly along the learning curve and our clients will benefit from your fresh perspective.
Experience RSM US. Experience the power of being understood.
Text/HTML Job ID:
Job Field Widget req17539
Text/HTML Line of Business:
Job Field Widget Consulting Services
Job Field Widget RC SPRC ST Architecture
Text/HTML Job Type:
Job Field Widget FullTime
Text/HTML Req #:
Job Field Widget req17539
Job Field Widget Cleveland, OH US
Job Field Widget Great Lakes Region
Text/HTML Job Category:
Job Field Widget Business Consulting/Technology
Text/HTML Employment Type:
Job Field Widget Experienced
Text/HTML Degree Required:
Job Field Widget Bachelor
Job Field Widget Yes
RSM is an equal opportunity/affirmative action employer. Minorities/Females/Disabled/Veterans.