Manager - Cybersecurity Consulting

RISCPoint is seeking a technically proficient cybersecurity leader to manage, mentor, and scale consultant and service line capabilities across RISCPoint's expert Virtual CISO and Cyber Operations Services. Operate at both strategic and technical depth, overseeing complex engagements and service delivery excellence under the direction of the Cyber Operations Services Director.

About RISCPoint Advisory Group

RISCPoint was founded with the vision to seamlessly integrate with your team, utilizing only high-performing professionals with deep technical and operational experience to fulfill your security and compliance needs. Our diverse team has served companies ranging from Fortune 10 to pre-series A start-ups. Our first priority is to understand your specific needs, only recommending services we are certain will deliver a meaningful return on investment. We provide business-focused risk, technology and cybersecurity solutions, specifically tailored to your organization.

Description
ABOUT THE COMPANY

RISCPoint is a cybersecurity consulting firm specializing in helping organizations navigate complex compliance frameworks such as FedRAMP, SOC 2, ISO 27001, and HITRUST. Our team is made up of former assessors, auditors, and industry experts who deliver tailored, high-quality engagements designed to meet each client's unique needs. We take a collaborative, "white-glove" approach that prioritizes both technical excellence and client experience. With rapid growth and a reputation for trusted expertise, RISCPoint partners with leading cloud service providers, technology companies, and enterprises across industries. Join us and be part of a team that is shaping the future of cybersecurity compliance.

Position Overview

RISCPoint is seeking a technically proficient cybersecurity leader to manage, mentor, and scale consultant and service line capabilities across RISCPoint's expert Virtual CISO and Cyber Operations Services. Operate at both strategic and technical depth, overseeing complex engagements and service delivery excellence under the direction of the Cyber Operations Services Director.

Key Responsibilities

As a Cybersecurity Services Manager, lead and govern cybersecurity advisory engagements while translating cybersecurity concepts and compliance requirements into scalable, risk-informed security programs for clients across technical and high-growth various industries.

• Balance hands-on security expertise, client advisory leadership, and people management as a key utility player that empowers RISCPoint and its client organizations to achieve their security mission.
• Responsibilities include:
• Provide advisory and expertise of information security and compliance best practice, aligned with organizational security objectives and modern cybersecurity compliance frameworks
• Lead complex and high-risk engagements across multiple domains, including Business Continuity & Disaster Recovery (BCDR), Incident Response (IR), Security Training, Third-Party Risk and compliance readiness
• Manage a team of growing technical and compliance consultants to promote ongoing growth and operationalize structured, repeatable methodologies
• Serve as an executive-facing advisor to ensure alignment of actionable and measurable client-facing security programs with business objectives, risk appetite, and compliance expectations
• Lead the development of tailored security roadmaps, multi-year strategies and security maturity models
• Oversee workshops, tabletop exercises, and security program reviews across people, processes, and technologies
• Engineer and continuously improve internal delivery processes
• Collaborate with RISCPoint Leadership to expand cybersecurity service offerings and market positioning

Qualifications

• 5 – 10 years of progressive experience in cybersecurity, information security, or risk management (with at least 2 years in a lead or management role)
• Exposure to one or more modern cybersecurity compliance and regulatory frameworks or models in-depth:

o NIST (required) - CSF, RMF, SSDF, NIST SP 800 Series

o CMMC, FedRAMP, GovRAMP

o HIPAA, HITRUST

o ISO 27000 Series, SOC 2

o PCI DSS

• Strong understanding of cybersecurity Risk Management processes

o Risk Assessment and Impact Analysis

o Security Program Maturity and Metrics

o Third-Party Risk Management

• Working knowledge across modern cybersecurity domains including:

o Access and Data Control and Protection

o Application, Cloud, Endpoint, and Network Security Technologies

o Business Continuity and Disaster Recovery (BCDR)

o Security Awareness and Culture

o Security Incident Response (IR)

o Security Architecture, Testing, and Validation

• Exposure to assessment and management of AI/ML security risks, responsible AI use, and AI governance controls

Certifications

• CISM, CISSP, CASP+, GSE or equivalent (required)
• Active or pursued AWS/Azure/GCP Professional or Specialty level certifications (preferred)

Skills

• Proven ability to lead, mentor, and develop cybersecurity professionals
• Executive-level communication and presentation
• Strong management of client relationships, tracking, and expectations
• Ability to balance hands-on expertise with delegation and review
• High standard of program ownership across objectives, milestones, and delivery
• Success within fast-moving, regulated, and ambiguous client environments
• Strategic mindset for risk-based decision-making and appetite for challenge
• Commitment to continuous improvement and growth of personal and firm expertise

COMPENSATION & BENEFITS

• Base Salary + Bonus
• Company Paid Health Insurance
• Company Paid Dental Insurance
• Company Paid Vision Insurance
• 401k with 3% Company Contribution (Traditional & Roth Options)
• Generous Vacation Policy

---