Senior Associate, Cyber Security & Data Privacy (CSDP)
In a world where digital threats constantly evolve, safeguarding businesses against sophisticated risks is paramount. Riveron empowers organizations to build resilient foundations through industry-leading governance, risk, and compliance (GRC) practices. We are pragmatic partners, diving deep into our clients' unique operational landscapes to engineer tailored, robust cybersecurity and data privacy solutions that address critical compliance risks head-on.
As a Senior Associate within our Cyber Security & Data Privacy (CSDP) team, you will be at the forefront of this mission. You’ll leverage your expertise to guide clients through complex challenges, building and maturing their cybersecurity programs from the ground up, ensuring framework readiness, and designing critical security domains. This role offers the opportunity to lead impactful engagements, mentor junior team members, and directly contribute to our clients' success and digital trust.
Your Mission Program Leadership: Spearhead the implementation of comprehensive GRC/Cybersecurity programs, aligning them with critical frameworks such as SOC 2, ISO 27001, HIPAA, PCI-DSS, NIST, FedRAMP, and CMMC. What You’ll Bring Bachelor's and/or Master’s degree in Information Technology (IT), Computer Information Systems (CIS), Management Information Systems (MIS), or a related field. Who You Are Possess a genuine passion for developing and nurturing strong client relationships, understanding their unique challenges, and delivering tailored solutions. About Riveron Check us out on social media: LinkedIn Glassdoor Instagram Facebook Riveron Consulting is an Equal Opportunity Employer and believes that we are stronger together through our diversity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, disability status, protected veteran status, sexual orientation, gender identity or any other characteristic protected by law. Full time roles are eligible for a full range of benefits including medical, dental, and vision insurance, 401(k) with company match, and PTO. A complete description of all available benefits can be found at Riveron's Benefits page at https://riveron.com/riveron-life/. Contract roles are not eligible for benefits. Fraud Alert We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
In this dynamic role, you will lead the charge on client engagements, managing the day-to-day operations and driving significant impact. Your responsibilities will include:
Risk Assessment & Remediation: Conduct rigorous IT risk assessments, evaluate the design and operating effectiveness of IT General Controls (ITGC), and develop/execute strategic remediation roadmaps.
Compliance & Audit Readiness: Guide clients through compliance readiness assessments and provide expert assistance during external audits.
Security Operations & Incident Response: Maintain day-to-day compliance, security, and privacy operations, including directing incident response tabletop exercises and formalizing response and notification procedures.
GRC Platform Implementation: Implement and manage cutting-edge GRC platforms (e.g., Drata GRC platform, Vanta compliance automation platform, Tugboat Logic platform) to streamline compliance efforts.
Vendor Risk Management: Perform vendor risk reviews, analyzing SOC 2 reports and managing security questionnaires to ensure supply chain integrity.
Policy Development: Develop and maintain robust security policies and standard operating procedures (SOPs) across key security domains.
Client Engagement & Mentorship: Actively lead client engagements, manage project plans, provide clear status updates, and mentor Associates, reviewing their work for quality and fostering their growth.
Strategic Consulting: Assist clients with key security and compliance initiatives, including business continuity planning, cloud security configurations, user access reviews, and asset inventories.
Communication & Influence: Deliver clear written and verbal presentations, including actionable recommendations for operational and financial improvements to executive stakeholders.
Thought Leadership: Stay current on emerging risks and evolving control practices, actively building and maintaining strong industry relationships to support long-term business development.
3+ years of progressive experience in an IT Audit, Cybersecurity, or IT Risk Advisory role.
Demonstrated knowledge of compliance frameworks such as SOC 2, ISO 27001, HIPAA, PCI-DSS, NIST, FedRAMP, CMMC.
Familiarity with leading GRC solutions, tools, and technologies.
Relevant certification preferred, such as CISA, CISM, CISSP or AWS Cloud Practitioner.
You are a driven cybersecurity professional with a passion for making a tangible impact. You:
Are a natural problem-solver, instinctively seeking solutions and thriving in an ever-changing, dynamic work environment.
Communicate skillfully with diverse audiences, translating complex technical information into compelling stories and actionable insights for executive stakeholders.
Are committed to excellence, not just getting the job done, but exceeding expectations and having fun along the way.
Enjoy participating in internal and external company initiatives, contributing to community service, training, recruiting, and firm events.
At Riveron, we don’t just consult; we partner with clients—from global multinationals to high-growth private entities—to unravel complex finance challenges. Our entrepreneurial culture is powered by our DELTA values: Drive, Excellence, Leadership, Teamwork, and Accountability. We thrive on collaboration, embrace diverse perspectives, and are committed to delivering exceptional outcomes that redefine client success.
We believe in fostering growth, both for our clients and our people. Through dedicated mentorship, an unwavering commitment to integrity, and a client-centric approach, we create an inclusive environment that offers flexibility, progressive benefits, and meaningful opportunities for impactful work that supports well-being in and out of the office.
Please beware of fraudulent schemes or impersonations when going through the job application process. A Riveron employee will never recruit via text or extend unsolicited employment offers. Additionally, a Riveron employee will never ask you to exchange money or purchase anything as part of the recruiting process.