Senior associate, Cybersecurity

Grant Thornton UK LLP is part of a global network of independent audit, tax and advisory firms, made up of some 73,000 people in over 150 countries. We're a team of independent thinkers who put quality, inclusion and integrity first. All around the world we bring a different experience to our clients. A better experience. One that delivers the expertise they need in a way that goes beyond. Personal, proactive, and agile. That's Grant Thornton.

Overall role purpose

In our Go Beyond network strategy 2025 our vision is to become ‘the most valued network in the profession’.

The primary purpose of this role is supporting the planning, implementation and monitoring of risk management and quality activities, that relate to GTIL’s cybersecurity programmes and Member Firm’s compliance with the organisation’s global cybersecurity standards.

The role works closely with the Global Head of Cybersecurity, the Director of Cybersecurity Programmes and liaises with the Project Management Office (PMO). The ideal candidate will have experience in project management, IT solutions administration and will bring strong communications and reporting experience to the team.

Main responsibilities

Project Management

• Manage the establishment of new cybersecurity and risk management projects as presented by Global Head of Cybersecurity and the Director of Cybersecurity Programmes.
• Liaising with the PMO to support delivery of the various project lifecycle stages including Initialisation, Planning, Execution, Monitoring/Control and Closing.
• Administration of project Integration, Scope, Timelines, Costs, Quality, Human Resources, Communications, Risk, Procurement and Stakeholders.
• Tracking and reporting of project statuses, appropriate escalation and a drive to overcome unforeseen issues.
• Act as the liaison for project stakeholders and technical team.
• Produce communications and reporting in different formats for different audiences (e.g. project teams and executive level).

Global Compliance Programmes

• Contribute towards the implementation of cybersecurity programmes such as the Global Cybersecurity Compliance Review (GCCR) programme.
• Monitor the various delivery phases of the programmes including establishment of new reviews, surveys, evidence and data gathering, assessment, reporting and remediation.
• Management of other ongoing project lifecycle and operational areas as outlined above.

Cybersecurity and Risk Management Technology

• Support the rollout and adoption of cybersecurity and risk management technologies to the network.
• Support efforts to mature GTIL’s internal processes and procedures in relation to cybersecurity and risk management technology.
• Maintain the critical repositories in support of cybersecurity compliance and risk management, including internal SharePoint, Intranet and risk registry platforms.
• Administration of external risk and compliance monitoring platforms, supporting collaboration with GTIL security analysts.

Engagement and Communications

• Engage with both internal and external senior stakeholders including IT and security leaders, senior leadership teams and other relevant internal teams.
• Prepare communications, reports and alerts related to the teams’ activities, projects, and initiatives.
• Serve as a point of contact for member firms in relation to Cybersecurity programme related queries; Manage programme mailboxes; Assess and triage accordingly.
• Collaborating with Member Firms to ensure successful resolution or escalation of challenges and issues.
• Monitor and report mechanisms for Cybersecurity Transparency via IT platforms, databases, and executive reporting.
• Promote cross-functional coordination between projects and teams.
• Establish and maintain a collaborative working relationship across GTIL, the Member Firms and vendors.

Education / Qualifications

• ‘Certified Associate Project Management’ (CAPM) or ‘Projects IN Controlled Environments’ (PRINCE2 Foundation) certification, to demonstrate core project framework knowledge and relevant industry experience.

Proven Experience

• Proven experience (2+ years) of project management in medium-large organisations.
• Experience supporting full project lifecycle across initialisation, planning, execution and monitoring.
• High attention to detail, accuracy and strict maintenance of confidentiality.
• Strong organisational and communication skills, with an ability to balance multiple competing priorities.
• Strong relationship skills and cultural awareness, the ability to work well with people from different disciplines and cultures.
• Ability to be agile, respond positively to change and contribute with an innovative and global mindset.
• Ability to motivate and steer stakeholders, internal teams, cross functional teams, and external parties.
• Proficiency with Microsoft Office suite (compilation and preparation of reports, presentations and communications).

Experience - Desirable

• Work experience within professional services industry (e.g. accountancy, consulting, legal).
• Knowledge of cybersecurity/IT operations and compliance frameworks.
• Knowledge of Governance, Risk and Compliance (GRC) solutions (e.g. OneTrust)