A
Posted 9 hours ago
Senior vCISO/GRC Consulting Manager
Agency Cybersecurity
Perks & benefits
Paid LeaveHealth Insurance
Requirements
6+ years GRC or cybersecurity experience, 4+ years management experience, SOC 2 and ISO 27001 expertise, Ability to work in person in Richmond, VA
Skills
ComplianceCybersecurityAuditrisk managementSecurity+Cloud SecurityIAMSIEMAccess controlData governanceKYCRisk assessment
About the role
About the Company
Agency Cybersecurity is a fast-growing venture-backed startup that provides best-in-class cybersecurity and compliance. Our software and services simplify complex compliance frameworks including SOC2, ISO 27001, HIPAA, and others, empowering businesses to scale securely and confidently.
Responsibilities
- Serve as a trusted vCISO advisor to clients across cybersecurity, governance, risk, and compliance matters.
- Lead client engagements related to SOC 2, ISO 27001, and other audited security frameworks.
- Manage a team of GRC consultants, analysts, and implementation resources.
- Develop and manage compliance roadmaps, audit readiness plans, and remediation timelines.
- Advise clients on security program design, risk prioritization, and control implementation.
- Lead the development and review of client security policies, procedures, and governance documentation.
- Coordinate with external auditors, assessors, and client stakeholders.
- Support clients with customer security reviews and security questionnaires.
Requirements
- Minimum 6 years of professional experience in GRC, cybersecurity compliance, or security advisory.
- Minimum 4 years of management or team leadership experience.
- Direct experience advising organizations on SOC 2 and ISO 27001.
- Experience managing client-facing consulting engagements.
- Strong understanding of security controls, risk management, and audit processes.
- Ability to work in person from Richmond, VA.
- Strong project management and communication skills.
Preferred Qualifications
- Experience with GRC platforms such as Vanta, Drata, or Secureframe.
- Experience with frameworks like NIST 800-53, CMMC, HIPAA, or GDPR.
- Relevant certifications such as CISA, CISSP, CRISC, or CISM.
- Familiarity with cloud infrastructure (AWS, Azure, GCP).
- Experience advising startups or SaaS companies.
Benefits
- 10 days of paid time off (PTO)
- 11 paid federal holidays
- 401(k) with 4% company match
- Monthly healthcare stipend
- Gym membership stipend
- Weekly team lunches and in-office snacks
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeSenior vCISO/GRC Consulting Manager
Agency Cybersecurity · Richmond
