Position Responsibilities:
- Lead and deliver multiple moderate-complexity security compliance engagements, ensuring high-quality, consistent, and timely execution.
- Oversee and delegate lower-complexity engagements to junior team members, providing guidance and quality assurance.
- Serve as a primary client relationship manager, advising on security compliance strategy, audit readiness, and risk management.
- Execute and manage compliance assessments, gap analyses, remediation planning, and evidence collection across frameworks such as PCI DSS, SOC 1, SOC 2, ISO 27001, ISO 27701, ISO 42001, HITRUST, CMMC, FedRAMP, NIST CSF, and GDPR.
- Own and contribute to revenue delivery, including direct responsibility for ~$300K and oversight of $500K+ in team-managed project work.
- Mentor and develop junior team members (Associates and Senior Associates), promoting professional growth and consistent service delivery standards.
- Design and implement scalable security compliance programs aligned to clients’ current and future business needs.
- Manage projects end-to-end, including scoping, resourcing, execution, and delivery; proactively coordinate across all levels of the organization.
- Draft and manage engagement documentation, including Engagement Letters, Statements of Work (SOWs), and proposals; oversee invoicing, WIP, realization, margins, and overall project financials.
- Collaborate cross-functionally with audit, advisory, and offensive security teams to deliver integrated client solutions.
- Enhance and standardize service delivery through development of processes, templates, and methodologies to improve efficiency and scalability.
- Support business development efforts, including proposal development, engagement scoping, and identifying expansion opportunities within existing accounts.
- Stay current on regulatory changes and industry trends to proactively guide clients on emerging compliance requirements and best practices.
- Contribute to internal initiatives such as training development, onboarding materials, and thought leadership to support team growth and market presence.
- Leverage AI and LLMs to enhance service delivery while applying critical judgment to validate outputs.
Qualifications:
- Minimum of 5 years’ experience in information security, IT compliance, or a related cybersecurity role, with significant experience in a professional services, consulting, or managed services environment.
- Demonstrated experience delivering compliance programs across multiple frameworks and client engagements simultaneously.
- CISSP and CISA certifications required.
- Proven ability to mentor and develop junior team members in a client-facing professional services setting.
- Understanding of cloud security (AWS, Azure, GCP) and securing hybrid/multi-cloud environments, including how different technologies work and fit together and their implications for security compliance.
- Ability to speak with DevOps and Engineering teams intelligently and independently expand your knowledge through self-directed research.
- Familiarity with security technologies (e.g., SIEM, IDS/IPS, network security controls, encryption), how to apply them, and the ability to recommend solutions that most efficiently address client needs.
- Excellent written and verbal communication skills, with the ability to articulate complex compliance and security topics to both technical and non-technical stakeholders.
- Target utilization rate of 80%.
Bonus:
- Additional certifications such as CISM, PCI QSA, or CMMC CCA/CCP.
- Cloud Service Provider-related certifications are highly valued.
- Candidates should consider which certifications allow the firm to sell more business and which certifications teach them something that adds value to client projects.
- Experience with information security-related audit processes such as SOC 2, ISO 27001, ISO 42001, PCI DSS, HITRUST, etc.
Why work for Aprio:
- Whether you are just starting out, looking to advance into management or searching for your next leadership role, Aprio offers an opportunity to grow with a future-focused, innovative firm.
Perks/Benefits we offer for full-time team members:
- Medical, Dental, and Vision Insurance on the first day of employment.
- Flexible Spending Account and Dependent Care Account.
- 401k with Profit Sharing.
- 9+ holidays and discretionary time off structure.
- Parental Leave – coverage for both primary and secondary caregivers.
- Tuition Assistance Program and CPA support program with cash incentive upon completion.
- Discretionary incentive compensation based on firm, group and individual performance.
- Incentive compensation related to origination of new client sales.
- Top-rated wellness program.
- Flexible working environment including remote and hybrid options.
What’s in it for you:
- Working with an industry leader: Be part of a high-growth firm that is passionate about what’s next.
- An awesome culture: Thirty-one fundamental behaviors guide our culture every day ensuring we always deliver an exceptional team-member and client experience. We call it the Aprio Way. This shared mindset creates lasting relationships between team members and with clients.
- A great team: Work with a high-energy, passionate, caring and ambitious team of professionals in a collaborative culture.
- Entrepreneurship: Have the freedom to innovate and bring your ideas to help us grow to become the CPA firm of choice nationally.
- Growth opportunities: Grow professionally in an environment that fosters continuous learning and advancement.
- Competitive compensation: You will be rewarded with competitive compensation, industry-leading benefits and a flexible work environment to enjoy work/life balance.