IT Governance Lead - Remote
RSM US
We are the leading provider of professional services to the middle market globally. Our purpose is to instill confidence in a world of change, empowering our clients and people to realize their full potential. Our exceptional people are the key to our unrivaled, inclusive culture and talent experience and our ability to be compelling to our clients. You’ll find an environment that inspires and empowers you to thrive both personally and professionally. There’s no one like you and that’s why there’s nowhere like RSM.
The Information Security Governance Lead is responsible for identifying, reporting on and recommending remediations for technical risks to firm and client information. Key roles for this position include applying information security controls frameworks to IT environments in production and in development and aligning information security controls with DevOps pipelines. This position is the RSM subject matter expert on Cybersecurity Maturity Model Certification (CMMC) certification requirements, the application of NIST 800-53/171, NIST-CSF, ISO 27001, and RSM security standards across RSM IT environments. These controls may apply to corporate IT, Line of Business, and Vendor managed on-premise or cloud hosted IT environments.
Essential Duties
- Lead research analysis efforts to document, develop, apply, evaluate and test the effectiveness of security controls and compliance with standard security frameworks, with a focus on the NIST 800-53/171, NIST-CSF and ISO 27001 standards.
- Lead and organize tasks to document, design, control, and protect information systems supporting sensitive client data with mandated compliance requirements (i.e., Controlled Unclassified Information, Protected Health Information)
- Manages roadmap for IT system and technology project compliance with documented security policy, standards and stated control frameworks
- Communicates the effectiveness of security controls to IT leadership and the business. Recommends mitigating controls.
- Provide Subject Matter Expertise and leadership in multiple areas supporting security policy, standards, security compliance, project related work, and other Information Security functions.
- Manage security integration into the DevOps pipeline.
- Other duties as assigned
EDUCATION/CERTIFICATIONS
Required:
- Bachelor’s degree or equivalent work experience
Preferred:
- CISSP, CISA
- Master’s degree in relevant field
TECHNICAL/SOFT SKILLS
Required:
- Critical and structured thinking, formal analytic methods
- Ability to brief executives and a variety of stakeholders
- Solid understanding of security applied to OS, applications, networking, cloud, mobile, etc.
- Ability to perform under pressure and handle multiple priorities
EXPERIENCE
Required:
- 10+ years information security experience
- Ability to perform under pressure and handle multiple priorities
- Experience and familiarity with ISO 27001, NIST 800-53 or 800-171
LEADERSHIP SKILLS
Required:
- Experience leading multidisciplinary groups and organizations through security incidents is required.
- Ability to communicate and influence technical IT operators as well as very senior leadership.
- Cultural Leadership - Build, develop, and maintain rapport with IT counterparts, other stakeholders, and internally
At RSM, we offer a competitive benefits and compensation package for all our people. We support and inspire you to prioritize your wellbeing by delivering personalized, holistic programming for your physical, emotional, financial and community wellbeing. RSM has a generous time off policy with at least 14 paid holidays, wellbeing days and associate and above access to self-managed time off. We offer flexibility in your schedule, empowering you to balance life’s demands, while also maintaining your ability to serve clients. Learn more about our total rewards at https://rsmus.com/careers/working-at-rsm/benefits.
RSM is proud to be an Affirmative Action and Equal Employment Opportunity employer. We are proud to provide our employees with tools to assist them in being successful in achieving both personal and professional goals. We welcome and support all our employees to thrive in an environment free of discrimination and harassment. As an Affirmative Action and Equal Opportunity Employer all applicants will receive consideration for employment as RSM does not tolerate discrimination and/or harassment based on race; color; creed; sincerely held religious beliefs, practices or observances; sex (including pregnancy or disabilities related to nursing); gender (including gender identity and/or gender expression); sexual orientation; HIV Status; national origin; ancestry; familial or marital status; age; physical or mental disability; citizenship; political affiliation; medical condition (including family and medical leave); domestic violence victim status; past, current or prospective service in the US uniformed service; pre-disposing genetic characteristics or any other characteristic protected under applicable federal, state or local law.
RSM does not intend to hire entry level candidates who will require sponsorship now OR in the future (i.e. F-1 visa holders). However, those candidates who may be recent U.S. college / university graduates possessing 1-2 years of progressive and relevant work experience, excluding internships, in the U.S. or his/her home country would be eligible for hire as an experienced candidate and thus eligible for sponsorship.
Compensation Range: $110,300 - $204,200