Jobs at Protiviti

Lead cybersecurity and privacy strategy and delivery for clients: design zero-trust, IAM/PAM, SIEM/SOAR, DLP, cloud and endpoint security, align governance to frameworks (NIST, ISO27001, SOC2, PCI-DSS), drive automation, mentor teams, and advise CISOs.

Lead end-to-end internal audit engagements, manage project teams, evaluate control strengths/weaknesses, communicate findings and recommendations to clients, prepare audit reports, and travel to client sites as required.

Lead Protiviti's IT Audit & Technology Assurance practice by managing a portfolio of engagements, ensuring quality and risk controls, serving as primary client contact, driving commercial outcomes and proposals, contributing to practice development, and integrating solutions across service lines. Deliver and review assurance work covering cybersecurity, data governance, privacy, ITGC, gen AI and third-party risk.

Lead technical cybersecurity assessments and architectures across cloud, network, application, and endpoints; conduct threat modeling and gap analyses; design IAM, DLP and privacy controls; oversee remediation, mentor teams, and manage client engagements to improve security posture and compliance.

Lead and manage a portfolio of IT audit and technology assurance engagements. Oversee engagement quality, budgets, client relationships, proposals and practice development. Provide strategic advisory on cybersecurity, data governance, privacy, ITGC, generative AI and third-party risk; integrate solutions across service lines and contribute to internal training and go-to-market initiatives.

Lead delivery of technology assurance internal audits (ITGC, cybersecurity, data governance, privacy, third-party risk). Scope and plan engagements, execute testing, draft technical reports, manage timelines and budgets, support business development, and coach junior staff.

Lead cybersecurity and privacy engagements: define strategy, architect identity-centric and zero-trust solutions, oversee security operations (SIEM/SOAR, EDR/XDR), implement data protection and compliance (NIST, ISO27001, SOC2, PCI-DSS), and mentor multidisciplinary teams while driving business development and client relationships.

Lead and execute internal audit engagements: plan risk assessments, perform fieldwork and testing, identify control issues, supervise consultants, prepare audit reports, present findings to management, manage multiple projects, and support clients in control improvement and compliance with frameworks.

Manage client engagements delivering technology risk, privacy, business continuity and operational resilience services. Assess regulatory compliance (CPS 230/234, SOCI, DORA), develop frameworks, policies and procedures, benchmark capabilities, lead delivery teams, coach juniors, and improve clients' technology risk posture.