Vice President, Compliance & GRC at Agency Cybersecurity

New York, New York, United States -

Full Time

Start Date

Immediate

Expiry Date

21 Mar, 26

Salary

225000.0

Posted On

21 Dec, 25

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Compliance, GRC, Cybersecurity, SOC 2, ISO 27001, HIPAA, Client Relationships, Team Leadership, P&L Management, Risk Management, Strategic Planning, Business Development, Executive Communication, Operational Excellence, Consulting, Frameworks

Industry

Computer and Network Security

Description

Location: 100% On-Site in New York, NY Position Type: Full-Time, Salaried Experience Level: Vice President Level Compensation: $175,000 to $225,000+ total comp, including annual bonus and benefits. Agency Cybersecurity is seeking a Vice President of Compliance & GRC to lead and scale our cybersecurity compliance practice. This is a senior executive role with full P&L responsibility, accountable for practice delivery, team leadership, client outcomes, and revenue growth. This role is ideal for a seasoned compliance leader who has built and run large portfolios of SOC 2 and related compliance engagements in a consulting environment and is ready to own an entire practice end-to-end. Given the client delivery and practice ownership responsibilities, this role requires prior leadership experience in a cybersecurity or compliance consulting firm. Role Overview: As VP of Compliance & GRC, you will own the Compliance & Assurance practice at Agency Cybersecurity. You will be responsible for setting strategy, managing delivery quality, leading and scaling a team, overseeing client relationships, and driving both retention and growth across the portfolio. You will act as the senior escalation point for complex engagements, guide key clients as a trusted executive advisor, and partner closely with leadership on pricing, packaging, hiring, and go-to-market strategy. Key Responsibilities: Practice Ownership & P&L Own full P&L responsibility for the Compliance & GRC practice, including revenue, margins, utilization, and cost management Set practice strategy, service offerings, pricing models, and delivery standards Forecast revenue, manage capacity planning, and drive sustainable growth Partner with leadership on annual planning, targets, and practice expansion Client Delivery & Advisory Serve as executive sponsor and senior escalation point for key client engagements Oversee delivery of SOC 2, ISO 27001, HIPAA, and other compliance frameworks across a large client portfolio Ensure consistent, high-quality delivery across all engagements, from readiness through audit completion Guide clients through complex compliance, risk, and regulatory challenges Maintain strong executive-level client relationships and drive renewals and expansions Team Leadership & Scaling Build, manage, and scale a team of managers, senior consultants, and junior staff Directly manage practice leaders and senior managers; indirectly oversee a larger delivery team Set performance standards, career paths, and development plans Lead hiring, onboarding, and training strategy for the practice Foster a high-accountability, high-performance consulting culture Growth & Go-To-Market Drive practice growth through upsells, cross-sells, renewals, and new client acquisition Support sales and business development through scoping, proposals, and executive-level client conversations Help shape marketing narratives, thought leadership, and service positioning Identify new frameworks, offerings, and market opportunities to expand the practice Required Qualifications: 7+ years of experience in cybersecurity and compliance consulting Demonstrated experience owning and leading large portfolios of SOC 2 engagements Deep domain expertise with 40+ SOC 2 engagements completed as primary point of contact Proven experience leading SOC 2, ISO 27001, HIPAA, and related audits end-to-end Prior experience managing teams of 10+ consultants, including managers and senior staff Strong understanding of SOC 2, ISO 27001, HIPAA, NIST, and related frameworks Track record of balancing delivery excellence with commercial outcomes Exceptional executive-level communication and client relationship skills Strong financial, operational, and strategic judgment Bachelor’s degree in Information Security, Computer Science, Business, or equivalent experience Preferred Qualifications: Professional certifications (CISSP, CISA, CISM, CRISC, or similar) Experience with compliance automation and GRC platforms (Vanta, Drata, etc.) Background working with high-growth technology companies and startups Experience with additional frameworks such as FedRAMP, PCI-DSS, or GDPR Previous experience at a Big Four firm or top-tier cybersecurity consultancy Strong technical foundation in cloud infrastructure and security architecture What We Offer: Executive-level compensation: target $175,000–$225,000+ total compensation, including performance-based bonus tied to practice P&L Significant leadership autonomy and ownership of a core revenue practice Opportunity to build, scale, and shape a flagship compliance business Work with top-tier, venture-backed and growth-stage clients Collaborative executive team and fast-growing platform Long-term career growth with potential for expanded leadership scope

Responsibilities

The Vice President of Compliance & GRC will own the Compliance & Assurance practice, responsible for setting strategy, managing delivery quality, and overseeing client relationships. This role includes full P&L responsibility and driving growth across the portfolio.