CNM LLP is a technical advisory services firm that works with the top local talent on the most comprehensive and intriguing projects for discerning clients ranging from start-ups to closely held mid-market companies to large multi-national Fortune 1000 firms. The CNM reputation is built upon a foundation of professional excellence and trusted relationships and is recognized nationally for commitment to excellence. Employees value the open and honest environment, consistent focus on work life balance and an outstanding culture that is difficult to find anywhere else in the professional services industry. This unwavering attention to providing an exceptional work environment has enabled CNM to be recognized as a Great Place to Work® for three consecutive years, as well as one of the Best Places to Work in Los Angeles and Orange County.

CNM is currently offering an exciting Manager opportunity to be part of our growing Los Angeles Cybersecurity team.   This position will actively participate and lead growth as we continue to build our practice. You will execute challenging and complex engagements and be exposed to components of Cybersecurity & Privacy strategy for our impressive clients. This position is currently a hybrid structure (60% at client/in office, 40% remote).  There is local travel throughout Los Angeles and Orange County.

Projects include: Cybersecurity risk and maturity assessments using frameworks such as: ISO 270001, NIST CSF 2.0, CIS 18, PCI-DSS and MITRE ATT&CK. Developing security policies and procedures, in line with regulatory requirements and standards. Privacy projects and audits in support of CCPA/CPRA and GDPR compliance.  Assisting clients with meeting PCI-DSS requirements. Security transformation programs – design & management of security solution implementations and/or remediation. Design and implementation of programs to improve capability areas such as Vulnerability Management, Incident Response, IT Disaster Recovery, Business Continuity, Threat Intelligence and Monitoring.

Responsibilities

• Lead, mentor, manage and train the team of Cybersecurity Senior Associates and collaborate with other Managers
• Oversee complex and specialized client engagements, reporting status and collaborating with Cybersecurity team members including: Associate Director, Director, Managing Director and Partner
• Lead or assist in the development of privacy program governance components (e.g., policies, procedures, standards, frameworks, trainings, notices) for clients across industries
• Support the Cybersecurity and Privacy practice in market expansion
• Manage and lead project teams to review and assess IT environments, risks, and controls for companies that range from newly public high growth entities to the largest public companies
• Deliver security technologies such as Firewalls, VPN, IDS/IPS and Endpoint security
• Demonstrate a thorough practical and strategic understanding of complex information systems, cyber security concepts, threats, proactive defense principles, strategies and market leading solutions
• Lead project meetings, status updates, training sessions and other events as needed
• Provide relevant cybersecurity and IT security subject matter advice, findings, and recommendations
• Collaborate with team members and clients on unique strategies that will enable organizations to withstand various internal and external risks
• Foresee issues and challenges, while collaborating effectively across teams to implement creative and thoughtful solutions
• Assess Business Continuity Plan (BCP) and Incident Response (IR) Preparedness and as needed assist in the preparation of BCP and IR Tabletop Exercises
• Perform gap assessments of application/system disaster recovery plans
• Assist in the development of recovery plan documents
• Manage project delivery, customer satisfaction, and accurate timekeeping for billing purposes
• Organize and manage multiple projects, efforts, and priorities concurrently
• Provide advisory assessments in relation to cybersecurity breach prevention

Work independently on complex projects or work in a team as a project leader

• Bachelor’s degree is required in a related field; Information Systems, Computer Science, Mathematics, Economics, Business, Finance or Accounting preferred
• Minimum of 5 years of Big 4 experience or related consulting/professional services firm experience with hands-on knowledge in Cybersecurity consulting
• CISSP Certification Preferred
• Excellent project management and organizational skills
• Demonstrated ability to successfully lead teams and projects in delivering on Cybersecurity needs
• Ability to develop teams and provide feedback to assist in team members’ growth
• Knowledge and experience with the following Cybersecurity frameworks such as NIST Cybersecurity Framework ISO 270001, NIST CSF 2.0, CIS 18, PCI-DSS and MITRE ATT&CK
• Knowledge and experience with Governance and Policy Creation
• Knowledge and experience with threat modeling methodologies such as MITRE ATT&CK
• Delivery experience in executing Privacy projects and audits in support of CCPA/CPRA and GDPR compliance
• Ability to manage projects and teams according to budget while balancing team and client needs
• Please note that this opportunity will primarily only require local travel (by car), and this position will involve both on-site and remote (work from home) work