In today’s dynamic environment, business leaders face constantly shifting risks. Riveron helps organizations implement leading governance, risk and compliance practices by combining deep expertise with pragmatic partnership, using a hands-on approach to understand the specific needs of the organization and create tailored solutions to address key compliance risks.Our Cyber Security & Data Privacy (CSDP) services include building GRC/Cybersecurity programs from the ground up, framework readiness, design and maintenance of critical security domains, managed internal controls testing and monitoring, co-sourced/outsourced internal audit, segregation of duties and access risk review, policy and procedure development, enterprise risk management, and IT and cybersecurity risk assessment.The Associate level position for Riveron’s CSDP group will work collaboratively with senior team members who provide guidance, coaching, and direction. The role includes supporting the implementation of GRC/Cybersecurity programs, assessing the design and operating effectiveness of IT General Controls (ITGC), developing and executing remediation roadmaps, incident response, completing vendor reviews and performing IT risk assessments.Qualifications:Bachelor's and/or Master’s degree in Information Technology (IT), Computer Information Systems (CIS), Management Information Systems (MIS), or a related field Relevant certification preferred, such as CompTIA Security+, CISA, AWS Cloud PractitionerMinimum 1 year of experience in an IT Audit, Cybersecurity Analyst or IT Risk Advisory roleDemonstrated knowledge of compliance frameworks such as SOC 2, ISO 27001, HIPAA, PCI-DSS, NIST, FedRAMP, CMMC Familiarity with GRC solutions, tools, and technologiesWho You Are:You have a passion for developing and maintaining client relationshipsYou get the job done and have fun doing itYou communicate skillfully with a variety of audiences and can create compelling stories from dataYou thrive in an ever-changing, dynamic work environmentYou readily identify problems and instinctively look for solutionsYou enjoy participating in internal and external company initiatives such as community service, training, recruiting, and firm eventsWhat You’ll Do:Support Senior Associates and Managers in implementing cybersecurity programs aligned with SOC 2, ISO 27001, and other security and privacy frameworksConduct compliance readiness assessments and assist with external auditsMaintain day-to-day compliance, security, and privacy operations, including incident response tabletop exercises and formalizing response and notification proceduresAssist clients with key security and compliance initiatives, including risk assessments, business continuity planning, cloud configurations, user access reviews, and asset inventoriesImplement and manage GRC platforms (e.g., Drata GRC platform, Vanta compliance automation platform, Tugboat Logic platform)Perform vendor risk reviews, including analyzing SOC 2 reports and managing security questionnairesDevelop and maintain security policies and standard operating procedures (SOPs) across key domainsCoordinate project activities, set priorities, and track progress against timelines, budgets, and deliverablesCommunicate regularly with clients to manage expectations and provide project status updatesDeliver clear written and verbal presentations, including recommendations for operational and financial improvements to executive stakeholdersStay current on emerging risks and evolving control practicesBuild and maintain strong industry relationships to support long-term business developmentAbout Riveron:At Riveron, we partner with clients—from global multinationals to high-growth private entities—to solve complex finance challenges, guided by our DELTA values: Drive, Excellence, Leadership, Teamwork, and Accountability. Our entrepreneurial culture thrives on collaboration, diverse perspectives, and delivering exceptional outcomes. We are committed to fostering growth, both for our clients and our people, through mentorship, integrity, and a client-centric approach. This inclusive environment offers flexibility, progressive benefits, and meaningful opportunities for impactful work that supports well-being in and out of the office. Check us out on social media: LinkedIn Glassdoor Instagram Facebook Riveron Consulting is an Equal Opportunity Employer and believes that we are stronger together through our diversity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, disability status, protected veteran status, sexual orientation, gender identity or any other characteristic protected by law.Full time roles are eligible for a full range of benefits including medical, dental, and vision insurance, 401(k) with company match, and PTO. A complete description of all available benefits can be found at Riveron's Benefits page at https://riveron.com/riveron-life/. Contract roles are not eligible for benefits.Fraud AlertPlease beware of fraudulent schemes or impersonations when going through the job application process. A Riveron employee will never recruit via text or extend unsolicited employment offers. Additionally, a Riveron employee will never ask you to exchange money or purchase anything as part of the recruiting process.We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.