Talent.com
Principal, Cyber Assurance

Control Risks, Washington, DC, US
30+ days ago
Job type
  • Full-time
  • Permanent
Job description

This role may be based in NYC or Washington DC.

We are seeking a senior leader to drive the growth of Digital Risks in the United States, with a primary focus on cyber assurance, third-party risk management, and large-scale regulatory compliance audits. In this role, you will collaborate closely with our cyber threat intelligence, advisory, and response teams to expand our digital risk business. Your responsibilities will include overseeing the assessment and improvement of client cybersecurity programs, ensuring alignment with industry standards and regulatory requirements, and guiding clients through complex third-party audits.

Key Responsibilities

Cybersecurity Program Evaluation

  • Lead cyber assurance engagements, assessing client cybersecurity programs for compliance with industry standards such as NIST, ISO 27001, and other relevant frameworks.
  • Act as a trusted advisor, ensuring client cybersecurity postures are resilient, compliant, and in line with regulatory requirements.

Third-Party Risk Management Audits

  • Oversee large-scale third-party risk and compliance audits, ensuring alignment with industry-specific frameworks, regulatory standards, and contractual obligations.

Regulatory Compliance Audits

  • Oversee regulatory compliance audits to ensure clients meet required standards and regulations.
  • Advise clients on audit preparation and guide them through maintaining compliance while improving cybersecurity measures.
  • Ensure clients' compliance programs address both current and emerging regulatory requirements.

Penetration Testing & Vulnerability Management Support

  • Partner with the penetration testing team to incorporate findings into broader cyber assurance reviews.
  • Lead remediation efforts for high-risk vulnerabilities, aligning them with the client’s overall compliance and cybersecurity objectives.

Client Relationship & Business Development

  • Build and sustain relationships with key stakeholders, especially C-suite executives, positioning Digital Risks as a leader in cyber assurance and regulatory compliance.
  • Identify and capitalize on new business opportunities in cyber assurance, third-party risk assessments, and compliance audits.
  • Provide thought leadership on cyber assurance trends, regulatory updates, and best practices to enhance client relationships and grow the practice.
  • Advise clients on continuously improving their cybersecurity and compliance frameworks based on audit findings and risk assessments.

Practice Development & Team Leadership

  • Recruit, develop, and lead a high-performing team specializing in cyber assurance, third-party risk management, and regulatory compliance.
  • Foster a culture of continuous learning, ensuring the team stays ahead of emerging trends in cybersecurity and compliance.
  • Contribute to the creation of innovative services and solutions to meet clients' evolving needs in cyber assurance and compliance auditing.

Requirements

  • Candidates must be legally authorized to work in the US on a permanent basis without sponsorship.
  • Candidates must possess unrestricted US work authorization.

Experience & Knowledge:

  • 12+ years of experience in cybersecurity, specializing in cyber assurance, third-party risk management, and regulatory compliance audits.
  • Proven track record of leading cyber assurance engagements and guiding clients through risk management and compliance processes based on industry frameworks (e.g., NIST, ISO 27001).
  • Expertise in managing third-party audits and ensuring regulatory compliance across audit lifecycles.
  • In-depth understanding of regulatory frameworks, with hands-on experience delivering compliance audits for both commercial and government sectors.
  • Experience integrating penetration testing and vulnerability assessments into broader cyber assurance strategies.

Education & Certifications:

  • Bachelor's or master's degree in Information Security, Computer Science, Engineering, or a related field.
  • Relevant certifications such as CISSP, CISM, CISA, ISO 27001 Lead Auditor, SANS, or other recognized credentials in cybersecurity, third-party risk management, and compliance auditing.

Skills:

  • Strong commercial acumen, with proven ability to generate new business in cyber assurance and regulatory compliance services.
  • Exceptional communication, presentation, and analytical skills with the ability to influence senior stakeholders and deliver impactful insights that improve cybersecurity resilience and regulatory compliance.

The base salary range for this position in Washington DC is $180,000-$205,000 per year. The base salary range for this position in New York City is $200,000-$215,000 per year. Exact compensation offered may vary depending on job-related knowledge, skills, and experience.

Control Risks is committed to a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. If you require any reasonable adjustments to be made in order to participate fully in the interview process, please let us know and we will be happy to accommodate your needs.

Control Risks participates in the E-Verify program to confirm employment authorization of all newly hired employees. The E-Verify process is completed during new hire onboarding and completion of the Form I-9, Employment Eligibility Verification, at the start of employment. E-Verify is not used as a tool to pre-screen candidates. For more information on E-Verify, please visit www.uscis.gov.

Benefits

  • Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarized in the full job offer.
  • Control Risks supports hybrid working arrangements, wherever possible, that emphasize the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.
  • Medical Benefits, Prescription Benefits, FSA, Dental Benefits, Vision Benefits, Life and AD&D, Voluntary Life and AD&D, Disability Benefits, Voluntary Benefits, 401(k) Retirement, Nationwide Pet Insurance, Employee Assistance Program.
  • As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.