Manager - Cyber Compliance (FedRamp/CMMC)

Company:  RSM US LLP
Location: McLean
Closing Date: 09/11/2024
Salary: £125 - £150 Per Annum
Hours: Full Time
Type: Permanent
Job Requirements / Description

We are the leading provider of professional services to the middle market globally, our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You'll find an environment that inspires and empowers you to thrive both personally and professionally. There's no one like you and that's why there's nowhere like RSM.

FedCyber Manager - Security, Privacy, and Risk

To address the critical needs of our clients, RSM US LLP has established the Security, Privacy, and Risk group, consisting of over 300 professionals dedicated to cybersecurity. Our experienced consultants, located nationwide, help clients prevent, detect, and respond to security threats that may impact their critical systems and data. We serve a diverse range of industries and are relied upon for expertise in security testing, architecture, governance, compliance, and digital forensics.

We are seeking a Manager to join our Security, Privacy & Risk practice, focusing on Government Contractors serving commercial entities with an emphasis on cybersecurity frameworks and data protection requirements. The Manager of FedCyber will oversee the delivery of various cybersecurity services while understanding the specific risks related to cyber regulatory expectations that impact government contractors serving defense and civilian agencies. This role involves assisting organizations in establishing effective data protection programs to safeguard critical assets.

Candidates should possess a range of skills, including performing and overseeing cybersecurity governance assessments (e.g., FedRAMP, FISMA, CMMC, MARS-E), vulnerability assessments, penetration testing, and incident response. Additionally, experience in managing teams that deliver technical deployments of SIEM, DLP, and Identity Management solutions is highly desirable.

Responsibilities will be based on background but will typically include:

  • Oversee the delivery and management of various cybersecurity engagements and team members, ensuring high-quality work products that meet client expectations.

  • Manage and grow key client accounts/relationships to facilitate the transformation of the clients' cyber agenda.

  • Communicate effectively with client management and project leaders to build strong client relationships.

  • Cultivate deep client relationships to exceed satisfaction levels.

  • Support new business development activities as outlined in the goal-setting process.

  • Manage cybersecurity governance and compliance assessments against various regulatory and industry standards, including FISMA, FedRAMP, CMMC, MARS-E, NYDFS, HIPAA/HITECH, and NERC/CIP.

  • Assist clients in designing and implementing cybersecurity remediation strategies to enhance the overall maturity of their cybersecurity programs by identifying suitable technologies, policies, and organizational structures.

  • Identify and clearly articulate findings to senior management and clients, both in writing and verbally.

  • Help pinpoint improvement opportunities for assigned clients.

Required qualifications:

  • Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field from an accredited college or university.

  • 5 to 7+ years of relevant experience in cybersecurity governance and compliance consulting, or equivalent academic experience with an advanced degree.

  • Certifications in cybersecurity, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified CMMC Professional (CCP), and Certified CMMC Assessor (CCA).

  • Willingness to travel up to 30% to client sites to support various engagements.

  • Technical expertise and the ability to discuss topics in one or more of the following areas: network and IT infrastructure, application and database design, IT governance and risk management, third-party management, incident response, and knowledge of standard network and IT security components.

  • Familiarity with key cybersecurity compliance standards and regulations, including but not limited to FedRAMP, CMMC, NIST CSF, and GLBA.

  • Strong interpersonal skills with a proven track record in a professional services firm, large consultancy, or similar environment.

  • Demonstrated ability to collaborate effectively, especially with cross-functional teams.

At RSM, we offer a competitive benefits and compensation package for all our people. We offer flexibility in your schedule, empowering you to balance life's demands, while also maintaining your ability to serve clients. Learn more about our total rewards at .

As an Affirmative Action and Equal Opportunity Employer all applicants will receive consideration for employment as RSM does not tolerate discrimination and/or harassment based on race; color; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the US uniformed service; US Military/Veteran status; pre-disposing genetic characteristics or any other characteristic protected under applicable federal, state or local law.

Accommodation for applicants with disabilities is available upon request in connection with the recruitment process and/or employment/partnership. RSM is committed to providing equal opportunity and reasonable accommodation for people with disabilities. If you require a reasonable accommodation to complete an application, interview, or otherwise participate in the recruiting process, please call us at 800-274-3978 or send us an email at

RSM does not intend to hire entry level candidates who will require sponsorship now OR in the future (i.e. F-1 visa holders). If you are a recent U.S. college/university graduate possessing 1-2 years of progressive and relevant work experience in a same or similar role to the one for which you are applying, excluding internships, you may be eligible for hire as an experienced associate.

RSM will consider for employment qualified applicants with arrest or conviction records in accordance with the requirements of applicable law, including but not limited to, the California Fair Chance Act, the Los Angeles Fair Chance Initiative for Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the San Francisco Fair Chance Ordinance. For additional information regarding RSM's background check process, including information about job duties that necessitate the use of one or more types of background checks, click here.

At RSM, an employee's pay at any point in their career is intended to reflect their experiences, performance, and skills for their current role. The salary range (or starting rate for interns and associates) for this role represents numerous factors considered in the hiring decisions including, but not limited to, education, skills, work experience, certifications, location, etc. As such, pay for the successful candidate(s) could fall anywhere within the stated range.

Compensation Range: $103,300 - $207,400

Individuals selected for this role will be eligible for a discretionary bonus based on firm and individual performance.

#J-18808-Ljbffr
Apply Now
An error has occurred. This application may no longer respond until reloaded. Reload 🗙