Senior Associate – Cybersecurity Risk Analyst : Bas Testing And Risk Profiling (Global Role – I...

Senior Associate – Cybersecurity Risk Analyst : BAS Testing and Risk Profiling (Global role – in a virtual working environment)

Get AI-powered advice on this job and more exclusive features.

Grant Thornton is one of the world’s leading professional services networks with member firms in over 145 countries, 80,000 people, and global revenues of $8bn. Member firms offer audit, tax, and advisory services to privately owned companies, publicly listed companies, public sector, and not-for-profit organizations, both domestically and internationally.

Grant Thornton International Ltd (GTIL) is the umbrella legal entity for the global network of member firms. GTIL sets strategic direction, connects global communities, and protects the brand and reputation of the network. The firm aims to improve sustainability and make a positive impact aligned with the UN’s SDGs.

Our vision for 2025 is to become ‘the most valued network in the profession’.

The primary purpose of this role is to support Grant Thornton International Ltd.’s internal cybersecurity adversarial exposure programme, monitoring and validating our global network's technical exposure against real-world threats.

The ideal candidate will have experience with attack surface discovery, exposure management, security controls validation, and threat intelligence technologies. Reporting to the Director of Cybersecurity Programmes, the candidate should have a strong technical background and a risk profiling mindset.

Main Responsibilities

The Senior Associate will support the implementation of the global adversarial exposure programme, including :

Security Testing

• Discover external assets and attribute them to our organization, detecting vulnerabilities, misconfigurations, and exposed threats.
• Perform security testing using Breach and Attack simulation tools for scenarios including adversarial simulations and control validation.
• Collaborate with security teams across the GT network to conduct exercises.
• Manage risk validation, attack paths, adversarial context, and threat prioritization.
• Support risk remediation workflows and notifications.
• Coordinate with cybersecurity operations to communicate and escalate risks.
• Research and report on emerging cyber threats, vulnerabilities, TTPs.
• Analyze and respond to cybersecurity risks within the organization.
• Leverage analytics and threat intelligence to develop risk profiling dashboards.
• Develop and manage risk reporting processes for adversarial exposure.

Location

UK / Europe

Person Specification

• Certifications such as CEH, CISA, OSCP are desirable.
• Experience in a similar role with attack surface discovery, exposure management, or threat intelligence.
• Strong analytical skills and ability to interpret technical data.
• Excellent verbal and written communication skills.
• Ability to prioritize and manage workload.
• Experience with red teaming or penetration testing.
• Knowledge of cybersecurity best practices and threat landscape.
• Multilingual skills are a plus.

We offer a flexible, inclusive, and supportive virtual working environment, with emphasis on work-life balance and access to digital tools and collaborative spaces.

Seniority level

• Associate

Employment type

• Full-time

Job function

• General Business, Other, and Information Technology
• Professional Services

J-18808-Ljbffr

J-18808-Ljbffr