-
Cybersecurity Senior Associate (Offensive…
- Cherry Bekaert (West Warwick, RI)
-
Description
Ranked among the largest accounting and consulting firms in the country and consistently recognized as a Great Place to Work (https://www.cbh.com/about/awards-and-recognition/) , Cherry Bekaert delivers innovative advisory, assurance and tax services to our clients. At Cherry Bekaert we create shared success through teamwork, energy, and expertise. We approach today’s toughest business challenges with a client-first mindset, working together to create exceptional value. We are all committed to making a difference for our people, our clients, our community, and our professions. To meet this commitment, Cherry Bekaert will provide you with the space to pursue growth and development opportunities that will guide and support you at each stage of your personal and professional journey.
In support of our growing Information Assurance & Cybersecurity Solutions (https://www.cbh.com/services/risk-cybersecurity/cybersecurity-services/) practice, we have an excellent opportunity for a Senior Associate to join our team in the West Warwick, RI office with hybrid flexibility provided. Our ideal candidate will have demonstrated experience performing an array of technical offensive security related tasks such as red teaming, pentesting, and vulnerability, configuration & server infrastructure assessments and the capability to support security compliance engagements for frameworks including:
+ CMMC, NIST Cybersecurity Framework, NIST 800-115, NIST 800-171, NIST 800-53 (FISMA, FedRAMP, etc.)
+ ISO 27001/27002, PCI, HIPAA/HITRUST, FFIEC
+ AICPA Cybersecurity Risk Management Framework
+ AICPA SOC 1/2/3
As a Senior Associate, you will:
Maintain a strong client focus by understanding the client’s business needs while developing productive working relationships with client personnel in order to accomplish objectives across a variety of engagements related to:
Offensive Security (66%)
+ Assist in the planning, scoping, and execution of internal and external penetration tests across networks, applications, cloud environments, APIs, and mobile platforms
+ Perform vulnerability assessments using industry-standard tools (e.g., Nessus, Nmap, Burp Suite, Metasploit) and validate findings through manual techniques and exploitation
+ Conduct open-source intelligence (OSINT) gathering to support red team operations, social engineering engagements, and external threat profiling
+ Identify and exploit security weaknesses in network protocols, operating systems, web applications, and enterprise technologies
+ Prepare detailed technical reports and executive-level summaries of penetration testing results, risk ratings, and remediation recommendations
+ Maintain awareness of the latest vulnerabilities, attack techniques, threat actor tactics, and industry developments; assist in developing internal penetration testing methodologies, standard operating procedures, and security testing templates
+ Conduct cyber risk and gap assessments aligned to industry frameworks such as NIST Cybersecurity Framework (CSF), NIST 800-53, HIPAA Security Rule, ISO 27001, and CIS Controls
+ Mentor junior team members and assist in the knowledge transfer of offensive security skills and tools
Security Compliance (33%)
+ Support and conduct CMMC Level 1–3 assessments, SOC 1 and SOC 2 engagements, including control validation, evidence collection, and gap analysis
+ Perform walkthroughs and interviews with key stakeholders to assess cybersecurity and compliance control design and effectiveness
+ Review and evaluate evidence for CMMC, SOC 1, and SOC 2 engagements to determine control implementation and maturity
+ Document testing procedures, assessment findings, and conclusions in a clear, organized, and audit-ready manner
+ Draft formal deliverables such as CMMC readiness reports, SOC 1/SOC 2 control narratives
What you bring to this role:
+ Bachelor’s Degree, preferably in Information Security, Information Systems, Computer Science, Accounting or Mathematics
+ Minimum 2+ years of relevant offensive security/security compliance experience, preferably in a client-facing capacity within a consulting firm
+ Understanding of technology risk management and IT governance principles and familiarity with cybersecurity solution offerings used to meet business and technical objectives
+ Working knowledge of Microsoft, Linux & OSX operating systems
+ Practical experience with IDAM, Active Director/LDAP and other authentication technologies
+ Familiarity with cloud environments and technologies
+ Strong project management skills, ability to multi-task and attention to detail
+ Travel as needed, not expected to exceed 15%
Additional, nice to have qualifications:
+ Relevant professional designations completed or in process (ex. CEH, OSCP, SANS, CompTia Pentest+, CISA, CISSP, etc.)
+ Knowledge of scripting languages commonly used in cybersecurity (ex. Python, Javascript, PowerShell, etc.)
+ Exposure to the use of AI for repeatable offensive security tasks
What we offer you:
+ Our shared values that foster inclusion and belonging include uncompromising integrity, collaboration, trust, and mutual respect
+ The opportunity to innovate and do work that motivates and engages you
+ A collaborative environment focused on enabling you to further your career growth and continuous professional development
+ Competitive compensation and a total rewards package that focuses on all aspects of your wellbeing
+ Flexibility to do impactful work and the time to enjoy your life outside of work
+ Opportunities to connect and learn from professionals from different backgrounds and with different cultures
Pay Range:
$89,993 to $125,000
About Cherry Bekaert
Cherry Bekaert, ranked among the largest assurance, tax and advisory firms in the U.S., serves clients across industries in all 50 U.S. states and internationally. For more details, visit https://www.cbh.com/disclosure/
Cherry Bekaert provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, citizenship status, protected veteran status, disability status, or any other category protected by applicable federal, state or local laws. https://careers.cbh.com/legal-disclosures/ contains further information regarding the firm's compliance with federal, state and local recruitment and hiring laws.
This role is expected to accept applications for at least five calendar days and may continue to be posted until a qualified applicant is selected or the position has been cancelled.
Candidates must demonstrate eligibility to work in the United States. Cherry Bekaert will not provide work sponsorship for this position.
Cherry Bekaert LLP and Cherry Bekaert Advisory LLC are members of Allinial Global, an accountancy and business advisory global association. Visit us at https://careers.cbh.com/ and follow us on LinkedIn, Glassdoor (https://www.glassdoor.com/Overview/Working-at-Cherry-Bekaert-EI\_IE31120.11,25.htm) , Instagram (https://www.instagram.com/cherrybekaert) , Twitter (https://twitter.com/cherrybekaert) and Facebook (https://www.facebook.com/CherryBekaertCB) .
• 2025 Cherry Bekaert. All Rights Reserved.
No Agency Candidates Please
\#LI-SG1 #LI-Hybrid
Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws.
For further information, please review the Know Your Rights (https://www.eeoc.gov/poster) notice from the Department of Labor.
-
Recent Searches
- Vice President Data Analytics (Texas)
- Office Assistant Front Desk (Oregon)
- Field Instructor (Oregon)
- Concrete Worker (Texas)
Recent Jobs
-
Cybersecurity Senior Associate (Offensive Security)
- Cherry Bekaert (West Warwick, RI)
-
Aquatics Program Manager NF-04
- Army Installation Management Command (Lewis County, WA)
-
Operator - Device Assembly & Packaging - Fulltime - $3,000 Sign-on Bonus - Starting at $22/hour + Benefits - Night Shift
- Lilly (Indianapolis, IN)
-
Youth Program Intern - Fall
- International Rescue Committee (Silver Spring, MD)