Risk Senior Manager
About the role
SC&H's Risk Practice is seeking a Senior Manager to lead and grow our service line with a strong focus on security-related consulting, including SOC (SSAE 18), ISO/IEC 27001, and ISO/IEC 42001 engagements.
Responsibilities
Business Development & Growth (40%)
- Own a personal book-of-business growth target; lead opportunity pursuit from prospecting through close (RFPs, proposals, orals, scoping, pricing).
- Build and manage an opportunity pipeline across SOC (1/2/3), readiness, ISO 27001 ISMS implementation/assessments, ISO 42001 (AI Management System) readiness/certification guidance, and security program advisory.
- Develop go-to-market (GTM) offerings, thought leadership, and partner/alliances; collaborate with Marketing on campaigns and events.
- Expand client relationships at the CISO, CIO, CTO, CAE, CFO levels; lead cross-sell with Assurance, Tax, and other Cyber/Technology teams.
Engagement Leadership & Delivery (40%)
- Lead SOC (SSAE 18) readiness and examination projects (SOC 1 Type 1/2, SOC 2 Type 1/2, SOC 3), including scoping, testing strategy, and report quality.
- Lead ISO/IEC 27001 implementations (ISMS design, risk assessment, controls, internal audits, certification readiness) and ISO/IEC 42001 readiness/implementation for AI governance.
- Oversee delivery quality, risk, and timelines across multiple concurrent engagements; ensure methodology compliance and audit defensibility.
People Leadership & Practice Management (20%)
- Manage, coach, and develop a team of managers/ seniors/ associates; lead staffing, utilization, and performance.
- Champion a collaborative, inclusive, and learning-oriented culture; provide timely feedback and career guidance.
- Strengthen delivery playbooks, templates, and accelerators; contribute to practice P&L hygiene (pricing discipline, margin, WIP/AR, scope management).
Qualifications
- 8–12+ years of progressively responsible experience in public accounting, consulting, or a comparable risk/security practice.
- Proven track record in SOC (SSAE 18) readiness and examinations (SOC 1/SOC 2), including planning, testing, supervision, and reporting.
- Hands-on experience with ISO/IEC 27001 (ISMS design/implementation, internal audit, certification readiness) and familiarity with ISO/IEC 42001 (AI Management System) frameworks and AI governance concepts.
- Demonstrated sales/business development success (pipeline creation, proposals/orals, solutioning, closing) and account growth.
- People leadership experience: managing teams, setting priorities, and developing talent across multiple engagements.
- Strong understanding of security and IT risk domains (identity and access, change/configuration, secure engineering, vendor risk, cloud controls, incident response, logging/monitoring, data governance, AI governance).
- Excellent client communication, executive presence, and stakeholder management skills.
- Prior practice-building responsibilities (offerings, pricing models, partner alliances).
Preferred
- Experience coordinating with external auditors and working in regulated industries (SaaS, fintech, healthcare, critical infrastructure).
- Working knowledge of cloud security (Azure, AWS, GCP) and enabling platforms (e.g., M365/Entra ID, ServiceNow GRC, Archer, OneTrust).
Education & Certifications
- Bachelor’s degree in Accounting, Information Systems, Computer Science, Cybersecurity, or related field; Master’s degree a plus.
- One or more of the following required:
- CISA (Certified Information Systems Auditor)
- ISO/IEC 27001 Lead Implementer or Lead Auditor (or equivalent ISO credential)
- CPA (active)
- Additional relevant certifications a plus: CISSP, CCSP, CRISC, CISM, ISO/IEC 42001-related training/credentials.
KPIs
- Bookings & Revenue: Meets/exceeds individual and practice sales targets; healthy pipeline coverage, appropriate recovery/margins
- Client Satisfaction & Expansion: New service-line cross-sells; referenceable clients.
- People Metrics: Team utilization, retention, timely feedback, and progression of staff.
About Sc&h
SC&H is an employee-owned, global consulting and financial services firm – home to people who believe in the power of trusted personal relationships. Everyone here shares a passion for driving results, fueled by the genuine connections we forge. Our expert capabilities and exceptional service have shaped the firm’s longstanding reputation for excellence and impressive growth. But it’s the partnerships we build and the success we help deliver that make each day rewarding — for our colleagues, our clients, and our communities.
Salary & Benefits
The expected annual base salary for this position is $140,000-$175,000. Salary offers are made based on a variety of candidate specific factors such as candidate's skills, performance, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. As a 100% employee-owned firm, SC&H offers the unique benefit of real equity ownership for every colleague with at least 1 year of service. Watch your stake grow as your tenure increases and the firm achieves success. We also offer a comprehensive health plan with multiple options to suit your needs, at least 4 weeks of paid time off, 8 firm-paid holidays, 401k with employer match, and an annual firm trip for you and a guest to an all-inclusive tropical location.