Senior Associate- Security Compliance Analyst

Job Description

At EisnerAmper, we look for individuals who welcome new ideas, encourage innovation, and are eager to make an impact. Whether you're starting out in your career or taking your next step as a seasoned professional, the EisnerAmper experience is one-of-a-kind. You can design a career you'll love from top to bottom - we give you the tools you need to succeed and the autonomy to reach your goals.

EisnerAmper is looking to hire a Senior Associate to join its Risk & Compliance Services practice as a dedicated member of the IT Risk, Data Privacy & Security team. We are seeking a Cybersecurity Compliance Analyst with a strong technical foundation in vulnerability and penetration testing to support our clients' compliance, audit, and risk programs. This role is ideal for someone who understands security tools and testing techniques but applies them in a compliance-focused environment-validating controls, interpreting technical evidence, and helping clients understand their security posture.

What it Means to Work for EisnerAmper :

You will get to be part of one of the largest and fastest growing accounting and advisory firms in the industry

You will have the flexibility to manage your days in support of our commitment to work / life balance

You will join a culture that has received multiple top "Places to Work" awards

We believe that great work is accomplished when cultures, ideas and experiences come together to create new solutions

We understand that embracing our differences is what unites us as a team and strengthens our foundation

Showing up authentically is how we, both as professionals and a Firm, find inspiration to do our best work

What Work You Will be Responsible For :

Perform vulnerability assessments across Windows and Linux environments to support compliance and audit requirements.

Use Kali Linux or similar platforms (Parrot OS, BlackArch) to perform reconnaissance, validate control effectiveness, and gather technical evidence.

Leverage tools such as Nmap, Burp Suite, Metasploit, and Wireshark to identify risks and confirm whether security controls are operating as intended.

Support IT audit teams by interpreting scan results, validating configurations, and documenting technical evidence.

Evaluate basic web application security risks using the OWASP Top 10 as a reference framework.

Use scripting (Bash, Python, PowerShell) to automate evidence gathering or streamline validation tasks.

Prepare clear, client-ready documentation explaining findings, risk impacts, and compliance implications.

Communicate technical concepts to non-technical stakeholders in a clear and professional manner.

Basic Qualifications :

Bachelors Degree

2-3 years of hands-on experience performing penetration testing or vulnerability assessments in Windows / Linux environments.

Experience with Kali Linux or similar testing distributions.

Familiarity with core tools : Nmap, Burp Suite, Metasploit, Wireshark.

Understanding of OWASP Top 10 and basic web application security concepts.

Basic scripting knowledge (Bash, Python, or PowerShell).

CEH or similar certification.

Preferred / Desired Qualifications :

Strong documentation and communication skills for client-facing compliance work.

Someone who enjoys the technical side of security but can pivot that knowledge into structured compliance work.

Comfortable reviewing configurations, validating controls, and making technical findings understandable for auditors and business leaders.

Detail-oriented, methodical, and able to connect technical testing results to compliance frameworks.

EisnerAmper is proud to be a merit-based employer. We do not discriminate on the basis of veteran or disability status orany protected characteristics under federal, state, or local law.

About our Risk & Compliance Team :

Specializing in services such as risk advisory and technology risk, RCS employees aren't just passionate about technology, but we see it as our driving force for innovation and forward thinking. We're committed to serving as advocates to our clients, enabling them to navigate, transform, secure, and maintain processes and controls they need to reach their unique goals. Whether it's complying with a new regulatory requirement or automating controls within a process, providing peace of mind for those "what's next" moments is our mantra and unique promise to clients.

Risk & Compliance Services employees are encouraged to think like an owner when supporting clients. Through this entrepreneurial and business-first mindset, we're pushed to take a step outside of our comfort zones and deliver solutions that both create a lasting business impact for our clients and allow us to grow as professionals.

Our core values of trust, integrity and accountability allow us to act as strategic innovators. Because when we build trust with each other, we can bring new ideas to the table and execute them without fear of failure.

About EisnerAmper :

EisnerAmper is one of the largest accounting, tax, and business advisory firms, with approximately 450 partners and 4,500 employess across the world. We combine responsiveness with a long-range perspective; to help clients meet the pressing issues they face today and position them for success tomorrow.

Our clients are enterprises as diverse as sophisticated financial institutions and start-ups, global public firms, and middle-market companies, as well as high net worth individuals, family offices, not-for-profit organizations, and entrepreneurial ventures across a variety of industries. We are also engaged by the attorneys, financial professionals, bankers, and investors who serve these clients.

Should you need any accommodations to complete this application please email : talentacquisition@eisneramper.com

#LI- Remote

#LI- Hybrid

#LI- LH1

Preferred Location : Baton Rouge

For NYC and California, the expected salary range for this position is between

80000

and

115000

The range for the position in other geographies may vary based on market differences.The actual compensation will be determined based on experience and other factors permitted by law.