GRC Manager

CLA is a top 10 national professional services firm where our purpose is to create opportunities every day, for our clients, our people, and our communities through industry-focused wealth advisory, digital, audit, tax, consulting, and outsourcing services. Even with more than 8,500 people, 130 U.S. locations, and a global reach, we promise to know you and help you.

CliftonLarsonAllen, LLP (CLA) is seeking an experienced and dynamic IT and Cybersecurity Controls Consultant Manager to lead a team of IT audit and cybersecurity professionals in the delivery of consulting and advisory services. This role is critical in ensuring clients’ information systems are secured against reasonably foreseeable risks and threats, while complying with relevant industry, federal, state, and local government security standards and regulations, safeguarding sensitive data, and systems. This is a Managerial position but will also be tasked with hands-on project execution work for larger complex clients, as appropriate.

Key Responsibilities

• Lead a multidisciplinary team of IT auditors, IT security professionals, and compliance analysts.
• Develop, implement, and maintain methodologies and schedules to ensure timely completion of cybersecurity governance, risk and compliance framework assessments and reporting.
• Serve as the primary point of contact between the CLA and clients as assigned.
• Review and interpret regulations, including cybersecurity frameworks industry directives, and other applicable policies.
• Identify, assess, and communicate risks and vulnerabilities in information systems, and support mitigation planning.
• Prepare and present deliverables, services, reports, findings and recommendations to client leadership.
• Perform quality review on client deliverables to ensure documentation and evidence collection meets CLA standards and is ready for inspection at all times.
• Provide training and guidance to CLA staff on applicable regulatory requirements and best practices for information security.
• Provide assistance as needed in business development, proposals, thought leadership and other market-facing opportunities.

Qualifications

Experience:

7 years of relevant experience required.  Experience working within an internal audit or IT governance, risk, and compliance function preferred.

Education:

Bachelor's degree is required. (Combination of relevant experience, education, and training may be accepted in lieu of degree.).  Degree in Computer Science, Information Technology, Information Assurance or related field preferred.

Certifications / Licenses:

Two industry recognized certifications required, such as:

• CISA or equivalent (GSEC, ECSA, SSCP)
• CompTIA certs - like Security +
• Privacy Certifications (CDPSE)
• CISSP or equivalent (CISM)
• CRISC 

Additional Requirements:         

• At least two (2) years in a managerial or team lead role.
• In-depth knowledge of cybersecurity frameworks and leading practices, which may include NIST Cybersecurity Framework, NIST 800 Series Special Publications, and ISO 27001, Secure Controls Framework, CIS Controls, and various other derivatives specific to industries.
• Strong leadership, organizational, and project management skills.
• Excellent written and verbal communication skills, with the ability to present complex information clearly to both technical and non-technical audiences.
• Experience with cybersecurity assessments, audits, and consulting engagements which may include customized deliverables.
• Experience working with financial services, government, manufacturing, healthcare or other regulated industries is a plus.
• Experience working with and evaluating traditional on-premise infrastructure, as well as hybrid or cloud environments.
• Ability to maintain compliance with continuing professional education.

Work Location & Reporting

This position is based in West Hartford, CT with some flexibility for remote work. Occasional travel may be required for client site visits

Our Perks:

• Flexible PTO (designed to offer flexible time away for you!)
• Up to 12 weeks paid parental leave
• Paid Volunteer Time Off
• Mental health coverage
• Quarterly Wellness stipend
• Fertility benefits
• Complete list of benefits here

#LI-RC1

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
 
Click here to learn about your hiring rights.

Wellness at CLA

To support our CLA family members, we focus on their physical, financial, social, and emotional well-being and offer comprehensive benefit options that include health, dental, vision, 401k and much more.

To view a complete list of benefits click here.