[Hiring] Cyber Security - Manager @Riveron

Role Description

In today’s dynamic environment, business leaders face constantly shifting risks. Riveron helps organizations implement leading governance, risk and compliance practices by combining deep expertise with pragmatic partnership, using a hands-on approach to understand the specific needs of the organization and create tailored solutions to address key compliance risks.

Our Cyber Security & Data Privacy (CSDP) services include:

• Building GRC/Cybersecurity programs from the ground up
• Framework readiness
• Design and maintenance of critical security domains
• Managed internal controls testing and monitoring
• Co-sourced/outsourced internal audit
• Segregation of duties and access risk review
• Policy and procedure development
• Enterprise risk management
• IT and cybersecurity risk assessment

The Manager level position for Riveron’s CSDP group will work collaboratively with senior team members and provide guidance, coaching, and direction. Managers are expected to conduct the majority of day-to-day project management activities on all of their engagements, including:

• Project plan development
• Reviewing staff work for quality
• Status updates to clients
• Mentoring Senior Associates and Associates

The role includes:

• Leading the implementation of GRC/Cybersecurity programs
• Assessing the design and operating effectiveness of IT General Controls (ITGC)
• Developing and executing remediation roadmaps
• Directing incident response tabletop exercises
• Performing IT risk assessments

Qualifications

• Bachelor's and/or Master’s degree in Information Technology (IT), Computer Information Systems (CIS), Management Information Systems (MIS), or a related field
• Relevant certification preferred, such as CISA, CISM, CISSP or AWS Cloud Practitioner
• 5+ years of experience in an IT Audit, Cybersecurity or IT Risk Advisory role
• Demonstrated knowledge of compliance frameworks such as SOC 2, ISO 27001, HIPAA, PCI-DSS, NIST, FedRAMP, CMMC
• Familiarity with GRC solutions, tools, and technologies

Requirements

• You have a passion for developing and maintaining client relationships
• You get the job done and have fun doing it
• You communicate skillfully with a variety of audiences and can create compelling stories from data
• You thrive in an ever-changing, dynamic work environment
• You readily identify problems and instinctively look for solutions
• You enjoy participating in internal and external company initiatives such as community service, training, recruiting, and firm events

What You’ll Do

• Lead client engagements implementing cybersecurity programs aligned with SOC 2, ISO 27001, and other security and privacy frameworks
• Conduct compliance readiness assessments and assist with external audits
• Maintain day-to-day compliance, security, and privacy operations, including incident response tabletop exercises and formalizing response and notification procedures
• Assist clients with key security and compliance initiatives, including risk assessments, business continuity planning, cloud configurations, user access reviews, and asset inventories
• Implement and manage GRC platforms (e.g., Drata GRC platform, Vanta compliance automation platform, Tugboat Logic platform)
• Perform vendor risk reviews, including analyzing SOC 2 reports and managing security questionnaires
• Develop and maintain security policies and standard operating procedures (SOPs) across key domains
• Coordinate project activities, set priorities, and track progress against timelines, budgets, and deliverables
• Communicate regularly with clients to manage expectations and provide project status updates
• Deliver clear written and verbal presentations, including recommendations for operational and financial improvements to executive stakeholders
• Conduct interviews with prospective Associates and Senior Associates, assessing candidate suitability while serving as a brand ambassador for the CSDP practice and Riveron
• Stay current on emerging risks and evolving control practices
• Build and maintain strong industry relationships to support long-term business development

Benefits

• Full range of benefits including medical, dental, and vision insurance
• 401(k) with company match
• PTO