IT Audit, Risk and Cybersecurity - Experienced Associate

CohnReznick is one of the nation’s top professional services firms, creating rewarding careers in advisory, assurance, and tax. They are seeking an Experienced Associate to join their IT Audit and Cybersecurity team within the Risk Advisory practice, responsible for executing IT audits, risk management, and cybersecurity assessments for a diverse client base.ResponsibilitiesExecute and support risk‑based IT audits and IT risk assessments, including evaluation of IT general controls (ITGCs), automated application controls, and key technology‑enabled business processesAssess control design and operating effectiveness across domains such as access management, change management, system development lifecycle (SDLC), incident response, and vendor management. Support SOX‑relevant IT controls testing, internal audit co‑sourcing, and other compliance‑driven engagements as applicableIdentify control gaps, assess risk impact, and develop clear, actionable recommendations for remediationPerform cybersecurity assessments and readiness reviews aligned to CMMC, NIST SP 800‑171, NIST CSF, ISO27001, and other recognized frameworksSupport or lead CMMC gap assessments, readiness assessments, and advisory activities for organizations in the Defense Industrial Base (DIB)Assist in evidence collection, validation, and analysis for cybersecurity and compliance assessmentsContribute to development of client deliverables, including assessment reports, risk summaries, and management presentationsSimultaneously serve multiple engagements while maintaining high quality standardsWork with clients in a broad array of industries including information technology, financial services, retail & consumer products, pharmaceuticals, electronics, manufacturing, media, and government contracting etcFacilitate client interviews and walkthroughs to understand IT environments, security controls, and operational processesEnsure workpapers and deliverables meet quality, consistency, and documentation standardsUnderstand clients’ organizations and provide value-added solutions and best practicesIdentify emerging risks, trends, and improvement opportunities for clientsShare knowledge and best practices related to IT audit, cybersecurity, and CMMC requirementsContribute to internal methodology development, tools, and training initiativesSkillsBachelor's degree in Information Systems, Computer Science, Accounting, Cybersecurity, or a related field1+ years of relevant experience in IT audit, IT risk, cybersecurity, or technology advisory rolesHands‑on experience performing IT audits, IT risk assessments, or cybersecurity assessmentsStrong understanding of internal controls, risk management concepts, and common cybersecurity frameworksBackground and understanding of the risks and controls in technologies such as web, cloud, client/server, open systems architecture, data warehousing, and imagingProficient understanding of cloud security, Identity and Access Management, ERP, Operating Systems, Databases, and Network Infrastructure componentsKnowledge of risk and controls related to emerging technologies such as AI, blockchain, and automationWorking knowledge of Cloud Security Framework, General Data Protection Requirement (GDPR), COBIT 5, ISO 27001/2, HIPAA, California Consumer Protection Act (CCPA), NIST 800-171/800-53/NIST 800-37Excellent written and verbal communication skills, with the ability to explain technical concepts to non‑technical audiencesAbility to manage multiple priorities and work effectively in a client‑facing consulting environmentParticipate in business development activities such as proposal writing, professional networking, and thought leadership developmentAbility to work onsite 3 days per week, and travel up to 50% (domestic and international)Certified Information Systems Auditor (CISA) – strongly preferredCertified CMMC Assessor (CCA) or active progress toward CMMC Assessor certification – strongly preferredAdditional certifications a plus, such as experience supporting federal, government contractor, or regulated industry clientsBenefitsDiscretionary performance bonusGenerous paid time offExpanded, and inclusive parental benefitsAccess to best-in-class learning and development platformsCompany OverviewCohnReznick LLP provides clients with forward thinking advice that helps them navigate complex business and financial issues. It was founded in 1919, and is headquartered in New York, New York, USA, with a workforce of 5001-10000 employees. Its website is http://www.cohnreznick.com/.Company H1B SponsorshipCohnReznick has a track record of offering H1B sponsorships, with 9 in 2025, 21 in 2024, 37 in 2023, 15 in 2022, 18 in 2021, 21 in 2020. Please note that this does not guarantee sponsorship for this specific role.



Apply To This Job