Exp. Associate, Cyber Risk & Compliance

Job Description

Job Summary:

We are currently looking for an Experienced Associate for our Data & Information Governance team. BDO is a go-to firm for multi-national companies to meet their complex cyber, data protection, and compliance needs. Leveraging our global network, expertise, and technology, our professionals deploy a client centric, agile approach to work seamlessly and efficiently to identify, mitigate and manage risk within client organizations. Our professionals work with clients to implement holistic data governance programs that can adapt to global data protection requirements and obligations while aligning them to their business strategies. Professionals will support client engagements related to data and information governance, data handling, and information protection practices.

Job Duties:

Participates in client interviews with data owners, data stewards, and other stakeholders to document data governance processes, data flows, and control activities
Conducts assessments of client privacy and data governance programs using established frameworks, regulations, and data governance standards, including DAMA-based concepts and practices
Works with data mapping exercises to identify data creation, storage, access, transmission, sharing, and retention practices
Reviews data handling practices against established data governance, security, and records management best practices
Assesses data classification processes and data asset classification requirements across client environments
Reviews CASB logs and reporting to identify potential policy violations, data exposure trends, and anomalous data sharing activity and makes recommendations based on findings
Assesses security controls related to data access, retention, sharing, and protection across collaboration platforms and repositories and makes recommendations based on findings
Pulls and analyzes metadata and access reports from SharePoint and Microsoft Teams and makes recommendations based on findings
Generates and reviews reports (e.g., Netskope, Purview) to support assessments of data movement, access, and policy compliance
Assesses data sharing practices to identify inappropriate access, external exposure, and governance control gaps
Records and assesses compliance with data retention requirements, access controls, and information handling standards
Identifies remediation opportunities and develops practical recommendations for control enhancement and process improvement
Drafts policies, standards, procedures, and process documentation aligned with governance objectives and applicable legal and regulatory requirements
Prepares project documentation, findings summaries, status updates, and client deliverables
Presents findings, risks, and recommendations to management-level client stakeholders
Tracks project activities, findings, dependencies, and status updates in JIRA
Collaborate with internal engagement teams and client stakeholders to support project execution and timely delivery
Supports multiple client engagements while maintaining quality, accuracy, and adherence to deadlines
Communicate status, issues, and priorities to client stakeholders and leadership.
Ability to travel up to 20%, required
Other duties as required

Supervisory Responsibilities:
N/A

Qualifications, Knowledge, Skills, and Abilities:

Education:
Bachelor's Degree in Computer Science, Engineering, Cybersecurity, or Information Technology, required

Experience:
Two (2) or more years of experience in a data or information governance related field (e.g., information security, IT, or data privacy), required
One (1) or more years experience leading stakeholder interviews and documenting business and technical processes, required
Six (6) months or more experience conducting data mapping, control assessments, or information governance reviews, required
Six (6) months or more experience with SDLC delivery models, specifically working within them in blended resource pools (i.e. client resources, BDO resources, and third-party vendors), required
Experience presenting findings and recommendations to senior client stakeholders, required
Experience assessing data classification, access controls, data sharing, and retention practices, required
Experience in a client-facing professional services environment, preferred

License/Certification:
Other certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP), or Certified Information Security Manager (CISM), Certified Data Management Professional (CDMP), preferred

Software:
Proficiency in Microsoft office suite, required
Experience with scanning tools, such as Microsoft Purview, Varonis, preferred
Experience with ServiceNow, JIRA, and other project management and ticketing tools, preferred

Languages:
N/A

Other Knowledge, Skills, and Abilities:
Demonstrated consulting, interpersonal and client relationships skills
Excellent verbal and written communication skills
Ability to identify issues and anomalies through review of supporting information
Solid organizational skills, especially ability to meet project deadlines with a focus on details
Ability to multi-task while working independently or within a group environment
Ability to work in a deadline-driven environment and contribute to multiple projects simultaneously

Individual salaries that are offered to a candidate are determined after consideration of numerous factors including but not limited to the candidate's qualifications, experience, skills, and geography.

National Range: $75,000 - $95,000
Maryland Range: $75,000 - $95,000
NYC/Long Island/Westchester Range: $75,000 - $95,000

About Us

Join us at BDO, where you will find more than a career, you'll find a place where your work is impactful, and you are valued for your individuality. We offer flexibility and opportunities for advancement. Our culture is centered around making meaningful connections, approaching interactions with curiosity, and being true to yourself, all while making a positive difference in the world.

At BDO, our purpose of helping people thrive every day is at the heart of everything we do. Together, we are focused on delivering exceptional and sustainable outcomes and value for our people, our clients, and our communities. BDO is proud to be an ESOP company, reflecting a culture that puts people first, by sharing financially in our growth in value with our U.S. team. BDO professionals provide assurance, tax and advisory services for a diverse range of clients across the U.S. and in over 160 countries through our global organization.

BDO is the first large accounting and advisory organization to implement an Employee Stock Ownership Plan (ESOP). A qualified retirement plan, the ESOP offers participants a stake in the firm's success through beneficial ownership and a unique opportunity to enhance their financial well-being. The ESOP stands as a compelling addition to our comprehensive compensation and Total Rewards benefits* offerings. The annual allocation to the ESOP is fully funded by BDO through investments in company stock and grants employees the chance to grow their wealth over time as their shares vest and grow in value with the firm's success, with no employee contributions.

We are committed to delivering exceptional experiences to middle market leaders by sharing insight-driven perspectives, helping companies take business as usual to better than usual. With industry knowledge and experience, a breadth and depth of resources, and unwavering commitment to quality, we pride ourselves on:

• Welcoming diverse perspectives and understanding the experience of our professionals and clients
• Empowering team members to explore their full potential
• Our talented team who brings varying skills, knowledge and experience to proactively help our clients navigate an expanding array of complex challenges and opportunities
• Celebrating ingenuity and innovation to transform our business and help our clients transform theirs
• Focus on resilience and sustainability to positively impact our people, clients, and communities
• BDO Total Rewards that encompass so much more than traditional "benefits." Click here to find out more!

*Benefits may be subject to eligibility requirements.

Equal Opportunity Employer, including disability/vets

Click here to find out more!