Talent.com
Principal, Cyber Assurance

Control Risks, Washington, DC, US
Job type: full-time, permanent

This role may be based in NYC or Washington DC.

We are seeking a senior leader to drive the growth of Digital Risks in the United States, with a primary focus on cyber assurance, third-party risk management, and large-scale regulatory compliance audits. In this role, you will collaborate closely with our cyber threat intelligence, advisory, and response teams to expand our digital risk business. Your responsibilities will include overseeing the assessment and improvement of client cybersecurity programs, ensuring alignment with industry standards and regulatory requirements, and guiding clients through complex third-party audits.

Key Responsibilities

Cybersecurity Program Evaluation

  • Lead cyber assurance engagements, assessing client cybersecurity programs for compliance with industry standards such as NIST, ISO 27001, and other relevant frameworks.
  • Act as a trusted advisor, ensuring client cybersecurity postures are resilient, compliant, and in line with regulatory requirements.

Third-Party Risk Management Audits

  • Oversee large-scale third-party risk and compliance audits, ensuring alignment with industry-specific frameworks, regulatory standards, and contractual obligations.

Regulatory Compliance Audits

  • Oversee regulatory compliance audits to ensure clients meet required standards and regulations.
  • Advise clients on audit preparation and guide them through maintaining compliance while improving cybersecurity measures.
  • Ensure clients' compliance programs address both current and emerging regulatory requirements.

Penetration Testing & Vulnerability Management Support

  • Partner with the penetration testing team to incorporate findings into broader cyber assurance reviews.
  • Lead remediation efforts for high-risk vulnerabilities, aligning them with the client’s overall compliance and cybersecurity objectives.

Client Relationship & Business Development

  • Build and sustain relationships with key stakeholders, especially C-suite executives, positioning Digital Risks as a leader in cyber assurance and regulatory compliance.
  • Identify and capitalize on new business opportunities in cyber assurance, third-party risk assessments, and compliance audits.
  • Provide thought leadership on cyber assurance trends, regulatory updates, and best practices to enhance client relationships and grow the practice.
  • Advise clients on continuously improving their cybersecurity and compliance frameworks based on audit findings and risk assessments.

Practice Development & Team Leadership

  • Recruit, develop, and lead a high-performing team specializing in cyber assurance, third-party risk management, and regulatory compliance.
  • Foster a culture of continuous learning, ensuring the team stays ahead of emerging trends in cybersecurity and compliance.
  • Contribute to the creation of innovative services and solutions to meet clients' evolving needs in cyber assurance and compliance auditing.

Requirements

  • Candidates must be legally authorized to work in the US on a permanent basis without sponsorship.
  • Candidates must possess unrestricted US work authorization.

Experience & Knowledge

  • 12+ years of experience in cybersecurity, specializing in cyber assurance, third-party risk management, and regulatory compliance audits.
  • Proven track record of leading cyber assurance engagements and guiding clients through risk management and compliance processes based on industry frameworks (e.g., NIST, ISO 27001).
  • Expertise in managing third-party audits and ensuring regulatory compliance across audit lifecycles.
  • In-depth understanding of regulatory frameworks, with hands-on experience delivering compliance audits for both commercial and government sectors.
  • Experience integrating penetration testing and vulnerability assessments into broader cyber assurance strategies.

Education & Certifications

  • Bachelor's or master's degree in Information Security, Computer Science, Engineering, or a related field.
  • Relevant certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor, SANS, or other recognized credentials in cybersecurity, third-party risk management, and compliance auditing.

Skills

  • Strong commercial acumen, with proven ability to generate new business in cyber assurance and regulatory compliance services.
  • Exceptional communication, presentation, and analytical skills with the ability to influence senior stakeholders and deliver impactful insights that improve cybersecurity resilience and regulatory compliance.

The base salary range for this position in Washington DC is $180,000-$205,000 per year. The base salary range for this position in New York City is $200,000-$215,000 per year. Exact compensation offered may vary depending on job-related knowledge, skills, and experience.

Control Risks is committed to a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. If you require any reasonable adjustments to be made in order to participate fully in the interview process, please let us know and we will be happy to accommodate your needs.

Control Risks participates in the E-Verify program to confirm employment authorization of all newly hired employees. The E-Verify process is completed during new hire onboarding and completion of the Form I-9, Employment Eligibility Verification, at the start of employment. E-Verify is not used as a tool to pre-screen candidates. For more information on E-Verify, please visit www.uscis.gov.

Benefits

  • Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarized in the full job offer.
  • Control Risks supports hybrid working arrangements, wherever possible, that emphasize the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.
  • Medical Benefits, Prescription Benefits, FSA, Dental Benefits, Vision Benefits, Life and AD&D, Voluntary Life and AD&D, Disability Benefits, Voluntary Benefits, 401(k) Retirement, Nationwide Pet Insurance, Employee Assistance Program.

As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.