Exp. Associate, Cyber Data Protection & Compliance
Job Summary
We are currently looking for an Experienced Associate for our Data & Information Governance team. BDO is a go-to firm for multi-national companies to meet their complex cyber, data protection, and compliance needs. Leveraging our global network, expertise, and technology, our professionals deploy a client-centric, agile approach to work seamlessly and efficiently to identify, mitigate, and manage risk within client organizations.
About the Role
Join us at BDO, where you will find more than a career, you'll find a place where your work is impactful, and you are valued for your individuality. We offer flexibility and opportunities for advancement. Our culture is centered around making meaningful connections, approaching interactions with curiosity, and being true to yourself, all while making a positive difference in the world.
Job Duties
- Participates in client interviews with data owners, data stewards, and other stakeholders to document data governance processes, data flows, and control activities
- Conducts assessments of client privacy and data governance programs using established frameworks, regulations, and data governance standards, including DAMA-based concepts and practices
- Works with data mapping exercises to identify data creation, storage, access, transmission, sharing, and retention practices
- Reviews data handling practices against established data governance, security, and records management best practices
- Affairs with data classification processes and data asset classification requirements across client environments
- Assesses CASB logs and reporting to identify potential policy violations, data exposure trends, and anomalous data sharing activity and makes recommendations based on findings
- Assesses security controls related to data access, retention, sharing, and protection across collaboration platforms and repositories and makes recommendations based on findings
- Pulls and analyzes metadata and access reports from SharePoint and Microsoft Teams and makes recommendations based on findings
- Generates and reviews reports (e.g., Netskope, Purview) to support assessments of data movement, access, and policy compliance
- Affairs with data retention requirements, access controls, and information handling standards
- Identifies remediation opportunities and develops practical recommendations for control enhancement and process improvement
- Drafts policies, standards, procedures, and process documentation aligned with governance objectives and applicable legal and regulatory requirements
- Prepares project documentation, findings summaries, status updates, and client deliverables
- Presents findings, risks, and recommendations to management-level client stakeholders
- Tracks project activities, findings, dependencies, and status updates in JIRA
- Collaborates with internal engagement teams and client stakeholders to support project execution and timely delivery
- Supports multiple client engagements while maintaining quality, accuracy, and adherence to deadlines
- Communicates status, issues, and priorities to client stakeholders and leadership
Qualifications, Knowledge, Skills, and Abilities
- Bachelor's Degree in Computer Science, Engineering, Cybersecurity, or Information Technology, required
- Two (2) or more years of experience in a data or information governance related field (e.g., information security, IT, or data privacy), required
- Six (6) months or more experience leading stakeholder interviews and documenting business and technical processes, required
- Six (6) months or more experience conducting data mapping, control assessments, or information governance reviews, required
- Six (6) months or more experience with SDLC delivery models, specifically working within them in blended resource pools (i.e. client resources, BDO resources, and third-party vendors), required
- One (1) or more years experience presenting findings and recommendations to senior client stakeholders, required
- Six (6) months or more experience assessing data classification, access controls, data sharing, and retention practices, required
- Experience in a client-facing professional services environment, preferred
- Other certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP), or Certified Information Security Manager (CISM), Certified Data Management Professional (CDMP), preferred
- Software proficiency in Microsoft office suite, required
- Experience with scanning tools, such as Microsoft Purview, Varonis, preferred
- Experience with ServiceNow, JIRA, and other project management and ticketing tools, preferred
Education
Education Qualifications, Knowledge, Skills, and Abilities: Bachelor's Degree in Computer Science, Engineering, Cybersecurity, or Information Technology, required
Pay
National Range: $75,000 - $95,000
Maryland Range: $75,000 - $95,000
NYC/Long Island/Westchester Range: $75,000 - $95,000
About Us
Join us at BDO, where you will find more than a career, you’ll find a place where your work is impactful, and you are valued for your individuality. We offer flexibility and opportunities for advancement. Our culture is centered around making meaningful connections, approaching interactions with curiosity, and being true to yourself, all while making a positive difference in the world.
Benefits
Benefits may be subject to eligibility requirements. Equal Opportunity Employer, including disability/vets Click here to find out more!