Strategy, Risk & Compliance Manager

Kudelski Security
Job LocationUS Remote
Job TagCybersecurity


The Strategy, Risk, & Compliance (SRC) Manager is a crucial member of our Kudelski Security Services business, responsible for the design and delivery of solutions for our clients. The SRC Manager will report to the SRC Practice Leader and will work both individually and as a part of a team to support client engagements, including delivering security program and control assessments, leading assessment remediation efforts, and providing vCISO related services. The SRC Manager will support and leverage other Kudelski Security Practices for alignment on assessment criteria, recommendations, and remediation efforts.


  • Collaborate and coordinate with Kudelski Security Practice Leaders, Experts, and Consultants on the design and delivery of security program and control assessments.
  • Establish and maintain internal and external credibility as the SRC expert responsible for security program and control assessment approach across multiple frameworks.
  • Identify and maintain security program assessment tools, templates, and samples necessary for the sales and delivery of security assessment services.
  • Ensure processes for onboarding new customers and users, building workflows, creating reports and dashboards, tool administration, and execution of assessment engagements are well documented, understood by delivery team members, and result in a positive customer experience.
  • Assist in the development of proposals and Statement of Works (SOW) to deliver SRC projects and marketing collateral.
  • Function as an SRC Engagement Team Lead, responsible for successful delivery of SRC projects.
  • This includes:
  • Identify client needs through discovery meetings and discussions, often in collaboration with regional sales teams and other practice members.
  • Define engagement scope, approach, timelines, work breakdown structure, project plans, staffing requirements, deliverables, risks, and issues.
  • Manage client and engagement team relationships throughout the engagement, delivering high quality, value, and a positive client experience.
  • Setting engagement team expectations and providing performance feedback.
  • Leading and participating in client meetings and preparing for and conducting interviews and workshops.
  • Perform, delegate, and oversee delivery tasks related to note taking, documentation review, research, data analysis, report creation, executive briefings, and similar activities based on the SOW.
  • Identify additional client needs during delivery and engage appropriate resources to present potential solutions to the client.
  • As necessary, function as a Delivery Team member, under the direction of another Engagement Team Lead, performing assigned engagement tasks.


  • 5+ years’ experience in cybersecurity, with governance, risk, compliance consulting
  • Very familiar with NIST and ISO2700

Cybersecurity: Industry Professionals Share Tips and Tidbits

Two industry professionals from the Cybersecurity industry joined us for a webinar on Determining Which Cybersecurity Work Environment is Right for You. Read along as we highlight some key takeaways from that conversation where they discuss their work environments, workflows, and cultural impact.

Related Industries: Cybersecurity
Hand typing on keyboard.

STEM: Industry Professionals Share Tips and Tidbits

On International Women’s Day, a few of the ladies from Nike joined us for a discussion on women in STEM. Learn more about some of the key takeaways from breakout room sessions on Overcoming Barriers and International Work as a Woman in STEM.

Related Industries: Computer Science, Cybersecurity, Data Analytics, Data Science, FinTech, Product Management, Technology Project Management, Web Development
A woman stands in a lab coat.