The Managing Consultant – Cybersecurity Compliance is responsible for leading cybersecurity compliance and assurance engagements across frameworks such as SOC 1, SOC 2, ISO 27001, HITRUST, and HIPAA while overseeing engagement delivery, client relationships, and consultant development activities. This role serves as a primary point of contact for clients and is responsible for managing multiple concurrent engagements, providing strategic compliance guidance, reviewing project work products, and ensuring high-quality service delivery in alignment with RISCPoint Advisory Group standards. The ideal candidate brings strong consulting and project leadership experience, the ability to mentor and develop team members, and a client-focused mindset capable of supporting both technical and executive stakeholders.
ABOUT THE COMPANY
RISCPoint is a cybersecurity consulting firm specializing in helping organizations navigate complex compliance frameworks such as FedRAMP, SOC 2, ISO 27001, and HITRUST. Our team is made up of former assessors, auditors, and industry experts who deliver tailored, high-quality engagements designed to meet each client’s unique needs. We take a collaborative, “white-glove” approach that prioritizes both technical excellence and client experience. With rapid growth and a reputation for trusted expertise, RISCPoint partners with leading cloud service providers, technology companies, and enterprises across industries. Join us and be part of a team that is shaping the future of cybersecurity compliance.
Key Responsibilities
Responsibilities include:
• Lead SOC 2 audit engagements utilizing GRC and compliance automation platforms such as Vanta and Drata to streamline evidence collection, control monitoring, and audit coordination activities.
• Configure, review, and manage compliance workflows within GRC platforms, including control mapping, evidence review, personnel task tracking, and auditor request coordination.
• Work directly with clients and external auditors to facilitate efficient SOC 2 audit execution through automated evidence collection processes and platform-based collaboration.
• Lead and oversee cybersecurity compliance and assurance engagements across frameworks including SOC 1, SOC 2, ISO 27001, HITRUST, HIPAA, and related regulatory or industry standards.
• Manage multiple concurrent client engagements, project teams, timelines, budgets, and delivery expectations across cybersecurity compliance and assurance services.
• Serve as the primary engagement lead and trusted advisor for client accounts, including executive-level communications, escalations, and strategic guidance.
• Facilitate client workshops, interviews, and discovery sessions with technical and business stakeholders to gather information regarding security controls, policies, procedures, and operational practices.
• Perform gap assessments, readiness assessments, and control evaluations against applicable framework requirements and industry-leading practices.
• Develop, review, and maintain security and compliance documentation including policies, procedures, risk assessments, system descriptions, control narratives, and related supporting artifacts.
• Provide practical and risk-based remediation guidance to clients to address identified control gaps, deficiencies, and process improvement opportunities.
• Oversee engagement execution and coordinate directly with client stakeholders to manage timelines, risks, escalations, and overall client satisfaction.
• Support audit and assessment activities by assisting clients with evidence collection, walkthrough preparation, auditor coordination, and response management.
• Review client environments and processes to identify compliance risks, operational inefficiencies, and opportunities to improve security posture and program maturity.
• Review and approve consultant work products, deliverables, risk assessments, and client-facing documentation to ensure quality and consistency.
• Manage, mentor, and develop consultants and senior consultants through coaching, technical guidance, quality reviews, and performance feedback.
• Assist practice leadership with resource planning, engagement staffing, utilization management, and service delivery operations.
• Support business development activities including proposal development, scoping discussions, client presentations, and sales support efforts.
• Contribute to the growth and maturity of the practice through process improvement initiatives, methodology development, training programs, and service innovation.
• Participate in client presentations and executive discussions by delivering clear, professional, and business-focused communication regarding compliance and security matters.
• Maintain current knowledge of cybersecurity, compliance, privacy, and assurance trends, standards, and emerging regulatory requirements.
Qualifications
• Bachelor’s or Master’s degree in Information Security, Computer Science, or a related field, or a combination of relevant education and equivalent work experience.
Experience
• 5–8+ years of experience supporting or leading cybersecurity compliance, risk, or assurance engagements within a consulting, audit, or advisory environment.
• Hands-on experience supporting SOC 1 and SOC 2 assessments, including readiness activities, evidence collection, control testing support, and auditor coordination.
• Experience working with security and compliance frameworks such as SOC 1, SOC 2, ISO 27001, HITRUST, HIPAA, NIST CSF, or related industry standards.
• Experience utilizing GRC and compliance automation platforms such as Vanta and Drata in support of SOC 2 audits and ongoing compliance operations.
• Experience managing client engagements, project teams, and delivery timelines within a professional services or consulting environment.
• Experience mentoring, coaching, or supervising consultants or junior team members.
• Ability to facilitate client meetings, workshops, and discovery sessions with both technical and non-technical stakeholders.
• Experience developing and maintaining security and compliance documentation including policies, procedures, risk assessments, control narratives, and supporting evidence artifacts.
• Strong understanding of information security concepts including access management, logging and monitoring, vulnerability management, change management, vendor risk management, and incident response.
• Experience coordinating project tasks, managing timelines, tracking deliverables, and communicating status updates within a client-facing consulting environment.
• Strong written and verbal communication skills with the ability to present complex compliance and security concepts in a professional and business-friendly manner.
• Ability to independently manage multiple engagements and priorities in a fast-paced consulting environment while maintaining attention to detail and quality.
• Experience participating in business development, proposal support, or client account management activities is preferred.
• Experience working within cloud-based environments such as AWS, Azure, or Google Cloud Platform is preferred.
Certifications
Relevant industry certifications such as Security+, CISSP, CISA, CRISC, ISO 27001 Lead Implementer/Auditor, HITRUST CCSFP, or similar certifications are preferred.
Skills
• Strong understanding of cybersecurity and compliance frameworks including SOC 1, SOC 2, ISO 27001, HITRUST, and HIPAA.
• Experience utilizing GRC and compliance automation platforms such as Vanta and Drata.
• Strong leadership and team management skills with the ability to mentor, develop, and oversee consulting staff.
• Excellent written and verbal communication skills with the ability to work effectively with both technical and executive stakeholders.
• Strong organizational and project management skills with the ability to manage multiple client engagements and deadlines simultaneously.
• Ability to perform compliance assessments, identify control gaps, and provide practical remediation guidance within client environments.
Compensation & Benefits
• Generous Salary + Bonus
• Company Paid Health Insurance
• Company Paid Dental Insurance
• Company Paid Vision Insurance
• Company Paid Life Insurance
• 401k with 3% Company Contribution (Traditional & Roth Options)
• Generous Vacation Policy