Senior Director, Global Assurance

What You'll Do

• Directly accountable for managing recurring project revenue of $5M-$7M USD annually
• Manages diverse team with varying level of experience and directly responsible for talent decisions affecting performance management, compensation, and hiring
• Acts as one of several in-house Subject Matter Experts for audit criteria supported by the Global Assurance team with the ability to respond to deep inquiries concerning sources of information and evolution of content, including adoption across industry sectors and regulators
• Identifies practice-wide process improvements and supports training personnel when methodologies or procedures are revised
• Provides mentorship to team members in areas of audit, assessment, technical review and report writing
• Interfaces with all levels of client points of contact (i.e., executives, counsel, directors, and economic buyers) throughout engagement lifecycle while maintaining relationships between engagement periods
• Autonomously leads interview and inquiry walkthroughs with client points of contact to determine the conformity of environments against stated requirements
• Works closely with less-experienced team members to ensure the completeness and accuracy of audit procedures for customer organization scopes
• Pursues and corroborates conclusions derived from inquiry procedures with auditee contacts while ensuring diligent interview notes are captured as a result of direct interactions with customers
• Draft audit programs that sufficiently address both the required objectives of the certification body and the complexity of the client environment
• Adheres to pre-defined project timelines and communicates possible changes to the schedule or scope of work with appropriate internal team members
• Manages priorities and tasks to achieve billable utilization targets established for the role
• Continuous professional development when maintaining subject matter-specific certifications, credentials, and designations
• Collaborates with project managers, quality assurance, and/or other delivery team members to drive customer satisfaction and the timely production of deliverables
• Identifies upsell and cross sell opportunities while appropriately leading the practice response including the development of change orders or adjustment of project schedules, where appropriate
• Understands how to apply quality standards and adheres to a minimum benchmark for quality assurance throughout the documentation of each work product or deliverable supporting engagements
• Establishes and maintains positive collaborative relationships with clients and involved stakeholders
• Provides advice to customers on issues affecting the scope of work in a manner that provides additional value beyond the text described within the audit criteria and learned through exposure with alternate environments
• Remains abreast to regulations or standards that are either in draft or approaching enforcement affecting publications via ISO

What You'll Bring

• 4-7 years experience as an IT consultant, IT auditor, or similar role
• Prior experience supporting project scoping discussions, level of effort determinations, sales, and contracting
• Extensive knowledge and application of audit planning, testing, and reporting procedures
• Extensive project experience implementing or assessing information security frameworks and control sets, such as ISO 9001, ISO 20000-1, ISO 27001, ISO 27002, ISO 27017, ISO 27018, ISO 27701, ISO 22301, Cloud Controls Matrix (CCM), NIST SP 800-53, and NIST Cyber Security Framework (CSF)
• Hold ISO 27001 Lead Auditor certification. Additionally, one or more relevant certifications as described within the Bonus Points section below.
• Capability to independently research a technical topic, develop logical testing approaches, and customize work product methodologies to be utilized by peers and support staff
• Comfort leading interview walkthroughs and inquiry sessions with client points of contact
• Knowledge of current events affecting changes within information security
• Strong people leadership skills that drive direct reports and peers in pursuit of individual goals that align with practice-level initiatives and strategy
• Confrontational personality that does not shy from difficult, interpersonal conversations while providing critical feedback that sparks aggressive career development conversations across direct reports
• Strong consulting skills with a penchant to corroborate surface-level discoveries with objective evidence
• Ability to build high-trust relationships, rapport, and credibility quickly with peers and customers
• Aptitude to lead projects comprising 2-4 support resources successfully and delegate duties appropriately
• Demonstrated experience directing engagements of low complexity independently
• Strong written and verbal communication skills, including the ability to explain technical concepts to non-technical audiences
• Personal initiatives toward organization, time management, and learning
• Attention for detail and quality processes
• Computer and typing skills that permit rapid data collection during meetings with both internal and external contacts
• Public-speaking skills set along with an apparent executive presence that solicits attention from audiences
• Inquisitive and curious nature with the ability to effectively probe for deeper information
• Familiarity with standards, frameworks, and regulations across multiple industries relevant to information security and/or data privacy
• Ability to travel 30-60%, inclusive of both domestic travel within the United States and international assignments
• Passport required
• Bachelor's degree (four-year college or university) or equivalent combination of education and experience (CIS, MIS, Risk Management, or other related degree preferred)

Bonus Points

• Understanding of underlying accreditation standards supporting certification body quality processes, such as ISO 17021-1, ISO 27006, International Accreditation Forum (IAF) Mandatory Documents (MD), and IAF Informative Documents (ID)
• Prior experience where role comprised oversight of accreditation activities based on quality processes, including, but not limited to, resource competency, monitoring activities, impartiality evaluation, risk assessment, internal audit, and management review
• Certification to any of the following information security schemes in order of relevance: CCSK, CISSP, CCSP
• Certification to any of the following audit and assessment schemes in order of relevance: CISA, CISM, CPA, CRISC, ISO 27001 Lead Auditor, ISO 9001 Lead Auditor, ISO 22301 Lead Auditor, ISO 20000-1 Lead Auditor
• Certification to any of the following industry schemes: Amazon Web Services (AWS) Certified Cloud Practitioner, AWS Solutions Architect – Associate