Senior Associate – Cybersecurity Risk Analyst (Global role – in a virtual working environment)

Grant Thornton International Ltd
united kingdom, united kingdom
1 month ago
Create job alert

About Grant Thornton


Grant Thornton is one of the world’s leading professional services networks with over 68,000 people from member firms in over 140 markets around the world generating global revenues of USD7.2 billion a year. Member firms offer audit, tax, and advisory services to privately owned companies, publicly listed companies, public sector and not for profit organisations, both domestically and internationally.


Grant Thornton International Ltd (GTIL) is the umbrella legal entity for the Grant Thornton global network of member firms. GTIL sets the strategic direction, convenes member firms, connects global communities, and protects the brand and reputation of the network. GTIL and the member firms will continually improve the sustainability of their operations and strive to make a positive impact on clients, people, markets, and the communities in which we operate, in line with the UN’s Sustainable Development Goals (SDGs).


Role purpose


In our Go Beyond network strategy 2025 our vision is to become ‘the most valued network in the profession’.


The primary purpose of this role is to support Grant Thornton International Ltd.’s internal cybersecurity adversarial exposure programme, which monitors and validates the technical exposure of our global network of Member Firms against real world cybersecurity threats.

The ideal candidate will have experience with attack surface discovery, exposure management, security controls validation and threat intelligence technologies. Reporting directly to the Director of Cybersecurity Programmes within our compliance workstream, the candidate will bring a strong technical background, combined with an articulate risk profiling mindset.


Main Responsibilities


The Senior Associate will support with the implementation of the global adversarial exposure programme, including:

Exposure Management

  • Continuously discover external assets and attribute them to members of our organisation. This insight detects a wide range of exposures, including high risk vulnerabilities, misconfigurations, exploitable administration paths, and additional types of exposed threats.
  • Collaboration with various operation security teams across the GT network to conduct security control validation exercises
  • Manage risk validation to identify attack paths, adversarial context and threat prioritisation.
  • Manage notifications and workflows to support risk remediation processes.

Operational Liaison

  • This role will also liaise closely with the cybersecurity operations team to manage the mutual communication and escalation of identified risks between cyber operations and compliance workstreams.
  • Support the research, analysis and reporting of emerging cyber threats, vulnerabilities, tactics, techniques, and procedures (TTPs)

Risk Profiling

  • Support the analysis, classification, and response to cybersecurity risks within the organisation.
  • Leverage analytics, threat intelligence and other risk indicators from common global security platforms, to develop and manage risk profiling algorithms and dashboards.
  • Develop and manage risk reporting processes for adversarial exposure, to support cybersecurity workstreams and broader risk governance.


Location


Ideally within UK/Europe or America's region.


Person Specification


  • Bachelor’s degree in IT/Computer Science desirable
  • Technical certifications are desirable
  • Certified Ethical Hacker (CEH) – EC Council
  • Certified Information Systems Auditor (CISA) – ISACA
  • Offensive Security Certified Professional (OSCP) – Offsec


Experience - essential

  • Demonstrable compliance or operational experience in a similar role.
  • Prior experience with attack surface discovery, exposure management, security controls validation and/or threat intelligence technologies.
  • Analytical skills to collect, analyse and interpret technical information and/or data into useful insight
  • Excellent communication skills, both verbal and written, with the ability to initiate and lead conversations with various stakeholders
  • Ability to prioritise and manage a varying workload


Experience - desirable

  • Operational delivery of red teaming or penetration testing exercises
  • Understanding of cyber security best practices including knowledge of the general cyber threat landscape and common security controls architecture.
  • Due to the global scope of the role, any multi-language capability would be desirable


Benefits

There are many benefits of being part of Grant Thornton International, working with a global and diverse team in a virtual setting is just one of them. We pride ourselves on our inclusive culture and believe it's one of our most valuable assets.


We also recognise the importance of time off at Grant Thornton International. Taking time away can lead to improved wellbeing and better productivity, which is why we don’t cap your leave. So if you need to take that extra Friday off (and Monday too), no problem.


We believe work is no longer a location, it is what we do. This should help all of us deliver our best work, while achieving the right balance in our lives. We want to build a culture of virtual inclusivity. One where all our people have the ability to choose what works best for them but also provides our people the best shared working experience utilising the digital tools we have available. GTIL will provide individuals with the necessary support and equipment to work effectively from home. We also have a collaborative space to offer should you prefer working outside of your home.

Related Jobs

View all jobs

Microsoft Entra and Purview Engineer/ Architect

Cyber Security Engineer

Senior Cyber Security Engineer

OT / ICS Cybersecurity Consultants

Cyber Security Architect

Chief Information Security Officer

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Job-Hunting During Economic Uncertainty: Cyber Security Edition

The cybe rsecurity sector sits at the forefront of today’s digital landscape, defending businesses and governments alike from increasingly sophisticated threats. From incident response and network security to cloud protections and zero-trust architectures, cyber security professionals tackle an ever-evolving array of challenges. Yet, even this mission-critical field is not immune to economic turbulence. When broader financial markets experience uncertainty—whether through global recessions, regional downturns, or unexpected macro events—the hiring climate can shift, making roles more selective and budgets tighter. For job seekers in cyber security, this can be disconcerting. You might discover that once-abundant vacancies have become scarce, competition for the remaining positions is fiercer, or company priorities pivot away from large-scale expansions toward essential, cost-justified security projects. At the same time, data breaches and cyberattacks don’t pause during economic slowdowns—if anything, they may escalate as bad actors exploit organizational vulnerabilities. This paradox means that while the market feels tough, demand for cyber security expertise remains robust. In this article, we’ll look at: Why economic uncertainty affects cyber security hiring trends. Strategies for staying competitive, even if the number of open roles shrinks. Methods to highlight your skills, adapt to shifting priorities, and network effectively. Approaches for preserving mental well-being during prolonged searches or uncertain feedback loops. How www.cybersecurityjobs.tech can help you find the ideal security-focused role. By proactively sharpening your skill set, tailoring your professional profile, and engaging with a focused community, you can secure a rewarding cyber security job—even when the broader market feels volatile.

Careers

How to Achieve Work-Life Balance in Cyber Security Jobs: Realistic Strategies and Mental Health Tips

Cyber security is one of today’s most vital and rapidly expanding sectors. As data breaches, ransomware, and other cyber threats continue to evolve, the demand for skilled professionals is surging across industries—from finance and healthcare to government and e-commerce. Whether you’re a penetration tester, security analyst, or threat intelligence expert, you play a key role in safeguarding digital infrastructure and sensitive information. This high-stakes environment, however, often comes with intense pressure. Long hours, constant vigilance, and an ever-changing threat landscape can make it challenging to find time for personal well-being. Many cyber security specialists report difficulty striking a sustainable work-life balance, unsure if it’s even possible in a field that never truly sleeps. Yet, as concerns about mental health and burnout become more pressing, professionals and employers alike are seeking better ways to combine career advancement with a fulfilling personal life. In this comprehensive article, we’ll explore how to achieve a work-life balance in cyber security. You’ll discover strategies for managing 24/7 threat alerts, the importance of realistic expectations, ways to maintain mental health in high-intensity roles, and tips for setting boundaries without compromising your professional growth. Whether you’re new to this dynamic arena or already an established specialist, these insights can help you thrive personally and professionally in the fast-paced world of cyber security.

Careers

Transitioning from Academia to the Cyber Security Industry: How Researchers Can Harness Their Skills to Protect Commercial Environments

Cyber security has become a mission-critical field in an era where data breaches, ransomware attacks, and sophisticated hacking techniques threaten businesses and public institutions alike. As digital transformation touches nearly every facet of modern life, the need for highly skilled individuals capable of defending systems and networks continues to grow. For PhDs and academic researchers with expertise in areas like cryptography, network security, or threat intelligence, this presents an exciting opportunity to deploy your analytical prowess in a high-impact, fast-paced commercial setting. In this guide we’ll explore how academics can successfully pivot from the research lab to the cyber security industry. Learn how to apply rigorous, theory-driven approaches to real-world challenges, from designing secure software architectures to neutralising advanced persistent threats. By embracing the industry’s urgency and end-to-end mindset, you can transform your scholarly insights into robust, market-facing security solutions that protect companies and users on a global scale.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.