RAS - Security and Privacy Risk Consulting Manager

RSM US   •  

Orlando, FL

Industry: Accounting, Finance & Insurance


8 - 10 years

Posted 176 days ago

This job is no longer available.

In order to address the most critical needs of our clients, RSM US LLP has established the Security, Privacy and Risk Services group, comprised of dedicated cybersecurity professionals dedicated exclusively to serving the cybersecurity and information protection needs of our clients. This group includes experienced consultants located throughout the country dedicated to helping clients with preventing, detecting, and responding to securitythreats that may affect their critical systems and achieving regulatory compliance related to the handling, processing and protection of sensitive information. We serve a diverse client base within a variety of industries, and we are relied upon to provide expertise within areas of information securityrisk management, security testing, enterprise architecture, governance, regulatory privacy compliance, and digitalforensics.

We are looking to hire an experience Manager for our Security, Privacy and Risk practice. The Manager of Risk Advisory Services – Security, Privacy and Risk is a key position within our practice and will be responsible for providing assessment services around controls, compliance, security, and privacy across multiple industries. This individual would support our existing and new engagements in the Southeast market, and be a strong presence in the Security, Privacy and Risk areas from a leadership perspective. This person will help to build delivery capabilities, innovate service offerings and execute on engagement delivery within the Consulting Services Practice. This Manager will continue the firm's mission to build and lead a world class consulting practice that will offer RSM US LLP client's solutions addressing Information Technology securityrisks, data privacy risk management, technology vulnerabilities, incidents and data breach response, architecture, and compliance with regulations and standards.


Responsibilities will be based on background and experience but will typically include:


General Administrative:

  • Managing the delivery of timely engagement results and high-quality deliverables in accordance with professional and industry standards

  • Hands-on delivery and execution of project tasks for complex technology environments

  • Presentation and communication of project status and risk-based observations and proposed solutions to client’s senior management

  • Communicate with client management or project leaders and build key client relationships

  • Sustain deep client relationships to exceed client satisfaction

  • Support new business development activities as defined in the goal setting process

  • Oversee the work and manage the engagements and team members ensuring quality and meeting the requirements of the engagement letter / contract

  • Attract, develop and retain security and privacy consulting talent as directed by leadership

  • Generate precise written and oral reports and professional communication for senior level executive review and client-facing in support of various projects

  • Identify and clearly articulate (written and verbal) findings to senior management and clients

  • Help identify improvement opportunities for assigned clients

  • Assist with using proven business development skills to acquire additional clients and expand relationships with existing clients

  • Identify business opportunities and enhance go-to-market strategies 

Security, Privacy & Risk Specific Responsibilities:

  • Assisting with building our security, privacy and risk practice through expansion of team size and skill-sets

  • Experience or knowledgable of practices related to delivering data protection, breach management and regulatory privacy assessments

  • Experience of knowledge of practices related to deliveing control based information security reviews based on the clients implementations of frameworks such as, NIST CSF/800.53r4,  HIPAA/HITECH, HITRUST CSD, PCI-DSS, FISMA, FedRAMP, ISO 27002 and NIST 800.171.

  • Advising area leadership on the development and execution of the Security & Privacy Risk service line growth program and overall go-to market strategy

  • Particapting in professional organizations and developing leading practice point of views of relavant cybersecurity related topics for internal marketing and external organizational branding

  • Be able to communicate to clients regarding the strategic and tactical risks of advanced securitythreats, enterprise security management practices and innovative solutions to that help clients mitigate information securityrisk factors

  • Leverage industry and technical expertise to identify improvement opportunities for assigned clients and assist with the development of remediation services for identified findings 

Required Qualifications:

  • Bachelor's or advanced degree in Information Assurance, Accounting, Computer Science, Information Systems Management, and / or related discipline from an accredited college/university

  • 7+ years of related work experience in IT risk / cybersecurity / data privacy consulting, with at least 2 years as a project manager / team lead.  Primarily focused on assisting clients in complying with controls based industry standards

  • Certified Information Systems Security Professionals® (CISSP®); Certified Information Systems Auditor® (CISA®); Certified Information Security Manager® (CISM®); Certified Information Privacy Professional (CIPP); Certified Ethical Hacker (CEH); GIAC certifications or equivalent security certifications ·

  • Willingness to travel up to 30%, including international destinations requiring a passport, on short notice and potentially extended periods of time

  • Strong technical knowledge in one or more of the following: network and application security testing, IT security governance and risk, digitalforensics and incident response, securityarchitecture, deployment of security appliances such as DLP, SIEM, IDS/IPS, etc.

  • In-depth knowledge of the security and privacy provisions of a variety of regulations and standards such as PCI, NERC/CIP, SOX, HIPAA/HITECH, FFIEC, EU Privacy Laws, ISO, and NIST 800 series

  • Proven people skills: demonstrates thorough knowledge and/or a proven track record of success with operating in a professional services firm or large consultancy

  • Proven ability to effectively collaborate

  • Strong multitasking and project management skills

Preferred Qualifications:

  • Industry Thought Leadership

  • Excellent written, oral, presentation skills, innovative thinker

  • A proven record of success working seamlessly in a virtual environment to complete projects with team members based in various locations, domestically and globally

  • Demonstrates creative thinking, individual initiative, and flexibility in prioritizing and completing tasks

  • Keeps up to date with the Security and Privacy Industry - following the industry's advancements, challenges, and discovery