Cybersecurity, IT GRC Practice Lead

About The Position

Requirements

• 10-20 years in IT GRC audit advisory, with a proven record of leading client-facing teams and delivering complex IT Cybersecurity & GRC projects for large advisory firms.
• Deep domain knowledge of regulatory frameworks (SOX, SOC, ISO 27001, PCI, GDPR, NIST 800-53, and/or FedRAMP, HITRUST, CMMC, etc.) and industry best practices.
• Demonstrated experience producing thought leadership materials and driving practice innovation.
• Strong work ethic and commitment to a leadership role requiring on average more than 40hr work week.
• Willingness to “roll up your sleeves” and engage in all aspects of delivery, from high-level strategy to detailed documentation and review.
• Ability to meet 60% utilization, balancing client/project work with thought leadership and administrative responsibilities.
• Responsive and accountable to clients, team, and leadership, with a proven ability to manage multiple priorities and deliver quality outcomes under tight deadlines.
• Solution-oriented, resourceful, adaptable, and able to resolve issues creatively and pragmatically.
• Self-motivated, entrepreneurial, and passionate about leading teams and serving clients.
• Smart, creative, authentic, and collaborative; able to thrive in a small, fast-paced, and values-driven firm.
• Strong communicator, easy to work with, and committed to continuous learning and improvement.
• Bachelor’s degree in a relevant field (MIS, IT, Computer Science, Business, etc.).
• Professional certifications such as CISA, CISSP, CISM preferred or a commitment to obtain them.
• Deep knowledge of SOX, SOC, ISO 27001, PCI, GDPR, and familiarity with NIST 800-53 frameworks.

Responsibilities

• Lead Practice Delivery (60%) Oversee and drive the successful delivery of IT Cybersecurity & IT GRC advisory services, ensuring all client projects are completed on time, on budget, and to the highest standards of quality.
• Provide hands-on leadership, including reviewing and, when necessary, producing client deliverables such as work papers, reports, and recommendations1.
• Mentor, coach, and develop a high-performing team, fostering a collaborative, client-centric, and solution-focused culture.
• Serve as the escalation point for client and team issues, proactively identifying and mitigating project risks, and ensuring continuous improvement in service delivery.
• Maintain a pulse on all active projects, ensuring your utilization targets (minimum 60%) are met by balancing client work, team oversight, thought leadership and minimal administrative duties.
• Collaborate with the CEO and leadership team on strategic initiatives, practice growth, and client engagement.
• Drive Thought Leadership (40%) Partner with the CEO and marketing team to develop and publish thought leadership content, including client case studies, practitioner checklists, how-to guides, and market/industry trend analyses.
• Engage with clients to capture success stories and best practices, translating them into actionable insights for both clients and the broader market.
• Continuously monitor and interpret regulatory, market, and industry trends to ensure Elevate’s services and content remain at the forefront of the cybersecurity and GRC landscape.

Benefits

• full healthcare
• 401(k) with employer match
• paid vacation
• performance incentives
• full healthcare insurance (Medical, Vision, Dental, Basic Life and other wellness benefits)
• 401k including employer contribution (once vested)
• paid vacation packages and performance-based bonuses