Associate - GRC/Cybersecurity

Responsibilities

• Support delivery team in implementing cybersecurity programs aligned with SOC 2, ISO 27001, and other security and privacy frameworks
• Own day-to-day GRC platform operations, including monitoring automated testing results, tracking controls, managing evidence uploads, inputting vendor and risk records, and maintaining policy assignments
• Serve as the first line of response for audit requests, drafting initial responses and gathering information before escalating to the Client Lead for review
• Assist with recurring compliance tasks including User Access Reviews, IR/DR tabletop exercises, and Risk Assessments
• Take ownership of ad-hoc tasks such as SAQs, documentation, and one-off client requests, making a first attempt before seeking feedback
• Monitor and respond to client communications across Slack, Teams, and email, drafting proposed solutions rather than simply surfacing problems
• Contribute to client calls and weekly status updates, coordinating with delivery team members on expectations for external-facing communication
• Maintain the project management tool with accurate, up-to-date task tracking across all active engagements
• Stay current on emerging risks and evolving control practices
• Build and maintain strong industry relationships to support long-term business development
• About Riveron:
• Check us out on social media:
• LinkedIn Glassdoor Instagram Facebook

Requirements

• You have a passion for developing and maintaining client relationships
• You get the job done and have fun doing it
• You communicate skillfully with a variety of audiences and can create compelling stories from data
• You thrive in an ever-changing, dynamic work environment
• You readily identify problems and instinctively look for solutions
• You enjoy participating in internal and external company initiatives such as community service, training, recruiting, and firm events

Benefits

Additional Information

In today's dynamic environment, business leaders face constantly shifting risks. Riveron helps organizations implement leading governance, risk and compliance practices by combining deep expertise with pragmatic partnership, using a hands-on approach to understand the specific needs of the organization and create tailored solutions to address key compliance risks. Our Cyber Security Advisory (CSA) services include building GRC/Cybersecurity programs from the ground up, framework readiness, design and maintenance of critical security domains, managed internal controls testing and monitoring, co-sourced/outsourced internal audit, segregation of duties and access risk review, policy and procedure development, enterprise risk management, and IT and cybersecurity risk assessment. The Associate level position for Riveron's CSA group will work collaboratively with delivery team members who provide guidance, coaching, and direction. The role includes supporting the implementation of GRC/Cybersecurity programs, assessing the design and operating effectiveness of IT General Controls (ITGC), developing and executing remediation roadmaps, incident response, completing vendor reviews, and performing IT risk assessments. What You Have ● Bachelor's and/or Master's degree in Information Technology (IT), Computer Information Systems (CIS), Management Information Systems (MIS), or a related field ● Relevant certification preferred: CompTIA Security+, CISA, or AWS Cloud Practitioner ● Minimum 1 year of experience in an IT Audit, Cybersecurity, or IT Risk Advisory role ● Demonstrated knowledge of compliance frameworks such as SOC 2, ISO 27001, HIPAA, PCI-DSS, NIST, FedRAMP, and CMMC ● Familiarity with GRC solutions, tools, and technologies

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at riveron? Share your experience