Senior Associate- Security Compliance Analyst at EisnerAmper

Job DescriptionAt EisnerAmper we look for individuals who welcome new ideas encourage innovation and are eager to make an impact. Whether youre starting out in your career or taking your next step as a seasoned professional the EisnerAmper experience is one-of-a-kind. You can design a career youll love from top to bottom we give you the tools you need to succeed and the autonomy to reach your goals.EisnerAmper is looking to hire a Senior Associate to join its Risk & Compliance Services practice as a dedicated member of the IT Risk Data Privacy & Security team. We are seeking a Cybersecurity Compliance Analyst with a strong technical foundation in vulnerability and penetration testing to support our clients compliance audit and risk programs. This role is ideal for someone who understands security tools and testing techniques but applies them in a compliance-focused environmentvalidating controls interpreting technical evidence and helping clients understand their security posture.What it Means to Work for EisnerAmper:You will get to be part of one of the largest and fastest growing accounting and advisory firms in the industryYou will have the flexibility to manage your days in support of our commitment to work/life balanceYou will join a culture that has received multiple top Places to Work awardsWe believe that great work is accomplished when cultures ideas and experiences come together to create new solutionsWe understand that embracing our differences is what unites us as a team and strengthens our foundationShowing up authentically is how we both as professionals and a Firm find inspiration to do our best workWhat Work You Will be Responsible For:Perform vulnerability assessments across Windows and Linux environments to support compliance and audit requirements.Use Kali Linux or similar platforms (Parrot OS BlackArch) to perform reconnaissance validate control effectiveness and gather technical evidence.Leverage tools such as Nmap Burp Suite Metasploit and Wireshark to identify risks and confirm whether security controls are operating as intended.Support IT audit teams by interpreting scan results validating configurations and documenting technical evidence.Evaluate basic web application security risks using the OWASP Top 10 as a reference framework.Use scripting (Bash Python PowerShell) to automate evidence gathering or streamline validation tasks.Prepare clear client-ready documentation explaining findings risk impacts and compliance implications.Communicate technical concepts to non-technical stakeholders in a clear and professional manner.Basic Qualifications:Bachelors Degree23 years of hands-on experience performing penetration testing or vulnerability assessments in Windows/Linux environments.Experience with Kali Linux or similar testing distributions.Familiarity with core tools: Nmap Burp Suite Metasploit Wireshark.Understanding of OWASP Top 10 and basic web application security concepts.Basic scripting knowledge (Bash Python or PowerShell).CEH or similar certification.Preferred/Desired Qualifications:Strong documentation and communication skills for client-facing compliance work.Someone who enjoys the technical side of security but can pivot that knowledge into structured compliance work.Comfortable reviewing configurations validating controls and making technical findings understandable for auditors and business leaders.Detail-oriented methodical and able to connect technical testing results to compliance frameworks.EisnerAmper is proud to be a merit-based employer. We do not discriminate on the basis of veteran or disability status orany protected characteristics under federal state or local law.About our Risk & Compliance Team:Specializing in services such as risk advisory and technology risk RCS employees arent just passionate about technology but we see it as our driving force for innovation and forward thinking. Were committed to serving as advocates to our clients enabling them to navigate transform secure and maintain processes and controls they need to reach their unique goals. Whether its complying with a new regulatory requirement or automating controls within a process providing peace of mind for those whats next moments is our mantra and unique promise to clients.Risk & Compliance Services employees are encouraged to think like an owner when supporting clients. Through this entrepreneurial and business-first mindset were pushed to take a step outside of our comfort zones and deliver solutions that both create a lasting business impact for our clients and allow us to grow as professionals.Our core values of trust integrity and accountability allow us to act as strategic innovators. Because when we build trust with each other we can bring new ideas to the table and execute them without fear of failure.About EisnerAmper:EisnerAmper is one of the largest accounting tax and business advisory firms with approximately 450 partners and 4500 employess across the world. We combine responsiveness with a long-range perspective; to help clients meet the pressing issues they face today and position them for success tomorrow.Our clients are enterprises as diverse as sophisticated financial institutions and start-ups global public firms and middle-market companies as well as high net worth individuals family offices not-for-profit organizations and entrepreneurial ventures across a variety of industries. We are also engaged by the attorneys financial professionals bankers and investors who serve these clients.Should you need any accommodations to complete this application please email: #LI- Remote#LI- Hybrid#LI- LH1Preferred Location:Baton RougeFor NYC and California the expected salary range for this position is between80000and115000The range for the position in other geographies may vary based on market actual compensation will be determined based on experience and other factors permitted by law.Required Experience:Senior IC Key Skills Security Management,Sensitive Information Management,Pressure Management,Risk Analysis,Access Control,Safety Procedures,Security Measures,Security Training,Risk Assessment,Access Point,Security Checks,Detect Signs,Safe Environment,Security System,Security Reports Employment Type : Full-Time Experience: years Vacancy: 1