Lead client engagements implementing cybersecurity programs aligned with SOC 2, ISO 27001, and other security and privacy frameworks
Conduct compliance readiness assessments and assist with external audits
Maintain day-to-day compliance, security, and privacy operations, including incident response tabletop exercises and formalizing response and notification procedures
Assist clients with key security and compliance initiatives, including risk assessments, business continuity planning, cloud configurations, user access reviews, and asset inventories
Implement and manage GRC platforms (e.g., Drata GRC platform, Vanta compliance automation platform, Tugboat Logic platform)
Perform vendor risk reviews, including analyzing SOC 2 reports and managing security questionnaires
Develop and maintain security policies and standard operating procedures (SOPs) across key domains
Coordinate project activities, set priorities, and track progress against timelines, budgets, and deliverables
Communicate regularly with clients to manage expectations and provide project status updates
Deliver clear written and verbal presentations, including recommendations for operational and financial improvements to executive stakeholders
Conduct interviews with prospective Associates and Senior Associates, assessing candidate suitability while serving as a brand ambassador for the CSDP practice and Riveron
Stay current on emerging risks and evolving control practices
Build and maintain strong industry relationships to support long-term business development

Requirements

Bachelor's and/or Master’s degree in Information Technology (IT), Computer Information Systems (CIS), Management Information Systems (MIS), or a related field
Relevant certification preferred, such as CISA, CISM, CISSP or AWS Cloud Practitioner
5+ years of experience in an IT Audit, Cybersecurity or IT Risk Advisory role
Demonstrated knowledge of compliance frameworks such as SOC 2, ISO 27001, HIPAA, PCI-DSS, NIST, FedRAMP, CMMC
Familiarity with GRC solutions, tools, and technologies

Benefits

health insurance
dental and vision insurance
401(k) with company match
paid time off

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurity programscompliance readiness assessmentsincident responserisk assessmentsbusiness continuity planningcloud configurationsuser access reviewsasset inventoriessecurity policiesstandard operating procedures

Soft Skills

client engagementproject managementcommunicationpresentation skillsinterviewingrelationship buildingexpectation managementteam coordinationanalytical skillsproblem-solving

Certifications

CISACISMCISSPAWS Cloud Practitioner