GTI Manager of Cybersecurity Operations
Phoenix, AZ, United States
Grant Thornton
Grant Thornton is one of the world's largest professional services networks of independent accounting and consulting member firms which provide assurance, tax and advisory services to privately held businesses, public interest entities, and...About the role
Overall role purposeIn our Go Beyond network strategy 2025 our vision is to become ‘the most valued network in the profession’.
The Manager of Cybersecurity Operations plays a crucial role in managing the proactive, operational and reactive cybersecurity posture for GTIL and member firms globally.
Reporting directly to the lead of GTIL’s cybersecurity operations and with key relationships to IT Operations and the Managed Security Service Provider (MSSP), this role provides subject matter expertise and orchestration across a wide range of cybersecurity services and solutions. This includes planning, implementation, operations, maintenance and continual improvement of these services and solutions to provide the best insight, protection and value for the organisation.
Main responsibilities
Cybersecurity Operations
- Manage the various cybersecurity operational and monitoring tools for GTIL (and globally where tools extend across Member Firms).
- Liaise with the various Business Unit stakeholders, MSSP, and cybersecurity vendors, with regards to planning, provision and maintenance of operational and monitoring tools.
- Liaising with the GTIL Security Architect and IT Operations to implement responsibility and accountability across Identity Access Management (IAM) services.
- Respond to, redirect or escalate GTIL and Member Firm queries, in relation to impacting cybersecurity operations and potential threats.
- Oversee the security training and awareness programmes for GTIL.
- Hold various privileged functional roles within cybersecurity and IT operational platforms, as defined by team RACI models.
- Function as cybersecurity proxy on the IT/Shared Services Change Advisory Boards (CAB).
- Develop and maintain documentation of cybersecurity operations.
Cybersecurity Engineering Support
- Enforce security policies via technical configuration and end user awareness.
- Assist in successfully planning, testing, validating, and documenting secure configurations across multiple core platforms.
- Manage the identification, classification, labelling and protection of data across various productivity platforms.
- Actively participate in industry-specific threat intelligence sharing groups and forums to contribute insights and gain valuable knowledge on emerging threats.
- Design and implement advanced threat intelligence capabilities, including the development of automated processes for data collection, analysis, and dissemination.
- Assist in improving implementation of automated incident response via SOAR and workflows.
- Determine gaps in technology and processes to identify opportunities for further development.
Risk Engagement – Advisory and Reporting
- Evaluate and advise on existing systems design and operational functions relative to security best practices and compliance requirements.
- Evaluate the security impact of changes to information systems and provide commensurate risk advice.
- Engage in complex technical discussions with other technical teams; Provide clear guidance on the security requirements of those issues or projects.
Proactive – Threat Modelling and Analytics
- Independently research and analyse emerging cyber threats, vulnerabilities, tactics, techniques, and procedures (TTPs)
- Assist in the design and management of appropriate risk management processes to collect, analyse and report on industry wide, imminent and emerging cybersecurity risks to GTIL and member firms.
- Liaise with key IT, Business Unit stakeholders and vendors to conduct technical probing and analysis of GTIL’s information security architecture and defensive controls.
- Assist in testing methods to identify ways that attackers could exploit weaknesses in security systems.
- Assist in the development and maintenance of documentation on vulnerability assessments, threat modelling and risk remediation processes.
Reactive – Incident Response
- Assist in investigating potential security incidents and the degree to which the investigation must happen.
- Determine the need to escalate a security incident to Cyber Operations management.
- Assist in root cause analysis, evaluate capability maturity and optimise future security incident handling through process improvements.
- Assist in development and maintenance of documentation on cyber security incident playbook and runbooks, process workflow, incident handling and response capabilities.
Miscellaneous
- Supporting the Associate Director and other Cybersecurity leadership in meeting and delivering department and strategic objectives.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Compliance Exploit IAM Incident response Monitoring Risk management SOAR Strategy Threat intelligence TTPs Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open DoD-related jobs