Lead and manage cybersecurity compliance engagements for US Government standards, mentor teams, and communicate technical findings to senior stakeholders.
Work with a nationally ranked CPA and advisory firm that is passionate for what's next. Aprio has 30 U.S. office locations, one in the Philippines and more than 2,100 team members that speak 60+ languages across the globe. By bringing together proven expertise, deep understanding, and strategic foresight for fast-growing industries, Aprio ensures clients are prepared for wherever life or business may take them. Discover a top-rated culture, vast growth opportunities and your next big career move with Aprio.
Join Aprio's Risk Advisory and Assurance Services team and you will help clients maximize their opportunities. Aprio is a progressive, fast-growing firm looking for a Senior Assessor (CCA or LCCA) to join their dynamic team.
The Senior Manager, IAS C3PAO leads the delivery and management of US Government cybersecurity compliance engagements which include but are not limited to CMMC, FedRAMP, GovRAMP, NIST RMF, CMS AE/DEE/EDE and NIST CSF. Engagements will be either Advisory or Assessment in nature. As an accredited FedRAMP 3PAO and an authorized CMMC C3PAO, the assessments will be official certification. This role involves both leadership and hands-on management of teams, ensuring technical rigor, operational excellence, and high client value. The successful candidate will be recognized as a subject‐matter expert in US Government cybersecurity controls, e.g, NIST 800-171 and NIST 800-53, associated compliance frameworks as listed above, and technologies used to implement and validate the controls IAW Government requirements.
Position Responsibilities:
- Lead and manage projects (referred to as engagements): scoping, client readiness, assessment execution, report preparation, findings remediation (for advisory engagements), certification recommendations, and quality assurance to meet USG standards.
- Serve as primary point of contact for clients, senior stakeholders (CISO, VP Security, program managers), and regulators.
- Oversee and mentor a team of assessors, auditors, consultants, and technical experts, ensuring consistent methodology, quality of deliverables, and adherence to accreditation standards.
- Develop and implement program frameworks, playbooks, templates, and tools for efficient assessment deployment across client sites and systems.
- Identify and escalate risks, control gaps, and remediation pathways; collaborate with clients to develop Plans of Action & Milestones (POA&Ms) and track progress.
- Ensure continuous monitoring and compliance of client systems, supporting repeat assessments and beyond certification status.
- Partner with business development, capture, and proposal teams to build the practice, win new work, and expand service offerings in information assurance and cybersecurity.
- Maintain up-to-date awareness of regulatory standards and accreditation changes to the frameworks listed above, and integrate these changes into assessment/advisory thinking.
- Communicate complex technical findings and cybersecurity risks to non-technical leadership, providing actionable recommendations.
Qualifications:
- Bachelor’s degree in Computer Science, Information Systems, Cybersecurity or related field (Master’s a plus).
- Minimum of 6+ years of experience in cybersecurity, information assurance, third-party assessments, or compliance (experience with other C3PAOs, assessor organization or consulting firm strongly preferred).
- Demonstrated experience managing assessment engagements under frameworks such as CMMC, NIST SP 800-171/800-53, FedRAMP, GovRAMP, NIST RMF, or similar.
- Strong technical understanding of cybersecurity controls, risk-based assessment methodologies, and audit criteria.
- Leadership experience managing teams, delegating work, mentoring staff and driving high performance.
- Excellent communication skills, with experience translating technical cyber and compliance issues into business-focused insights for senior leadership.
- Ability to travel (domestic and possibly international) to client sites for assessments or audits (travel % to be determined).
- Candidate will already have successfully undergone and completed the required DoD CMMC Tier 3 background investigation for immediate placement on assessments.
- Recognized LCCA or CCA (verifiable on CyberAB marketplace) OR recognized CCP with strong understanding and experience in RMF for DoD IT or FedRAMP/DISA’s FedRAMP+.
- Demonstrated ability to manage client engagements including project planning, overall delivery structure or methodology; ability to pivot if/when client’s business landscape drives project changes.
Preferred Qualifications
- Experience with cloud environments (SaaS, IaaS, PaaS), DevSecOps, identity & access management, penetration testing or GRC toolsets.
- Previous experience in business development or growth of an assurance services practice.
The application window is anticipated to close on 2/1/25 and may be extended as needed.
Why work for Aprio:
Whether you are just starting out, looking to advance into management or searching for your next leadership role, Aprio offers an opportunity to grow with a future-focused, innovative firm.
Perks/Benefits we offer for full-time team members:
- Medical, Dental, and Vision Insurance on the first day of employment
- Flexible Spending Account and Dependent Care Account
- 401k with Profit Sharing
- 9+ holidays and discretionary time off structure
- Parental Leave – coverage for both primary and secondary caregivers
- Tuition Assistance Program and CPA support program with cash incentive upon completion
- Discretionary incentive compensation based on firm, group and individual performance
- Incentive compensation related to origination of new client sales
- Top rated wellness program
- Flexible working environment including remote and hybrid options
What’s in it for you:
- Working with an industry leader: Be part of a high-growth firm that is passionate for what’s next.
- An awesome culture: Thirty-one fundamental behaviors guide our culture every day ensuring we always deliver an exceptional team-member and client experience. We call it the Aprio Way. This shared mindset creates lasting relationships between team members and with clients.
- A great team: Work with a high-energy, passionate, caring and ambitious team of professionals in a collaborative culture.
- Entrepreneurship: Have the freedom to innovate and bring your ideas to help us grow to become the CPA firm of choice nationally.
- Growth opportunities: Grow professionally in an environment that fosters continuous learning and advancement.
- Competitive compensation: You will be rewarded with competitive compensation, industry-leading benefits and a flexible work environment to enjoy work/life balance.
EQUAL OPPORTUNITY EMPLOYER
Aprio is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race; color; religion; national origin; sex; pregnancy; sexual orientation; gender identity and/or expression; age; disability; genetic information, citizenship status; military service obligations or any other category protected by applicable federal, state, or local law.
Aprio, LLP and Aprio Advisory Group, LLC, operate in an alternative business structure, with Aprio Advisory Group, LLC providing non-attest tax and consulting services, and Aprio, LLP providing CPA firm services.
Top Skills
Cloud Environments (Saas
Cmmc
Cybersecurity Frameworks
Devsecops
Fedramp
Govramp
Grc Toolsets
Iaas
Nist 800-171
Nist 800-53
Paas)
Similar Jobs
Artificial Intelligence • Cloud • Consumer Web • Productivity • Software • App development • Data Privacy
The Senior Principal Product Manager at Dropbox will define and lead the multi-product strategy, focusing on enhancing user engagement across the Dropbox ecosystem. Responsibilities include aligning product direction with company strategy, leading cross-functional teams, and establishing a dedicated multi-product team.
Computer Vision • Healthtech • Information Technology • Logistics • Machine Learning • Software • Manufacturing
The Delivery Lead will oversee the delivery of technical projects for GTM teams by managing processes, improving workflows, and engaging stakeholders for project success.
Top Skills:
ChilipiperJIRAOutreachPandadocSalesforce
AdTech • Digital Media • Machine Learning • Marketing Tech • Software • Travel • Hospitality
As a Senior Sales Manager, you'll drive revenue growth for Independent Hotels, develop territory plans, and manage a sales pipeline through effective prospecting and closing strategies.
Top Skills:
Google SuiteOffice ProductsSalesforce
What you need to know about the San Francisco Tech Scene
San Francisco and the surrounding Bay Area attracts more startup funding than any other region in the world. Home to Stanford University and UC Berkeley, leading VC firms and several of the world’s most valuable companies, the Bay Area is the place to go for anyone looking to make it big in the tech industry. That said, San Francisco has a lot to offer beyond technology thanks to a thriving art and music scene, excellent food and a short drive to several of the country’s most beautiful recreational areas.
Key Facts About San Francisco Tech
- Number of Tech Workers: 365,500; 13.9% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Google, Apple, Salesforce, Meta
- Key Industries: Artificial intelligence, cloud computing, fintech, consumer technology, software
- Funding Landscape: $50.5 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Sequoia Capital, Andreessen Horowitz, Bessemer Venture Partners, Greylock Partners, Khosla Ventures, Kleiner Perkins
- Research Centers and Universities: Stanford University; University of California, Berkeley; University of San Francisco; Santa Clara University; Ames Research Center; Center for AI Safety; California Institute for Regenerative Medicine
