Cybersecurity, IT GRC Practice Lead
Description:
Are you a passionate about growing an IT Cybersecurity and IT GRC Compliance advisory practice?
Elevate is looking for a dynamic, hard charging IT Service Delivery Practice Lead who thrives on excellent client service, and takes pride in providing your clients with quality, pragmatic and on-time / on-budget advisory services. Are a leader who is also an expert in Cybersecurity and IT GRC Compliance and wants to learn more about AI Governance and AI Risk Management and more—and you love leading teams and effortlessly guiding your clients through their compliance journey.
You must be able to work hard and smart – we need a leader who is willing to frontload the hard work, roll up the sleeves, sit with the team, understand their challenges, limitations and think of pragmatic, value-added solutions that meets the objective, without blowing the budget while keeping the client happy. If you practice servanthood leadership, have an entrepreneurial bug, and are driven by a mission to manage and grow teams, keep reading.
About Elevate
We are a boutique cybersecurity and compliance advisory firm with a reputation for excellence, pragmatism, and agility. We deliver exceptional client service, pragmatic solutions, and a collaborative, roll-up-your-sleeves culture. We value integrity, creativity, and a relentless drive to help our clients succeed.
Read more about our culture and values here: elevateconsult.com/about-us
Our Mission
To be proud of what we do. To serve and enjoy our clients and the people we work with. To grow our company and grow as individuals.
About the Position
We are looking for a motivated and passionate Cybersecurity IT GRC Practice Lead that is excited to work in a fast-paced, high-energy and creative environment and is anxious to leave his/her fingerprint in our growing practice.
The Cybersecurity IT GRC Practice Lead role is an integral part to our service delivery and leadership team. The ideal candidate must be self-motivated, love providing exceptional client service, solving and coaching our teams and clients through their compliance journey in an effortless and joyful manner. We have been in business for over 15 years with hundreds of happy clients in a multitude of industries, environments, and challenges where we bring value with our solutions and placements.
This special breed of auditor/consultant is client-centric, people-centric, solution-focused, resourceful, adaptable, organized, reliable, authentic, able to work independently and in a team setting; and able to transition seamlessly between trivial day-to-day delivery and more strategic initiatives. This position requires a highly analytical, detail-oriented professional with experience identifying risks, evaluating controls, and providing strategic audit recommendations to client senior executives while providing thought leadership and ways to improve and scale the practice.
What You’ll Do:
Lead Practice Delivery (60%)
Oversee and drive the successful delivery of IT Cybersecurity & IT GRC advisory services, ensuring all client projects are completed on time, on budget, and to the highest standards of quality.
Provide hands-on leadership, including reviewing and, when necessary, producing client deliverables such as work papers, reports, and recommendations1.
Mentor, coach, and develop a high-performing team, fostering a collaborative, client-centric, and solution-focused culture.
Serve as the escalation point for client and team issues, proactively identifying and mitigating project risks, and ensuring continuous improvement in service delivery.
Maintain a pulse on all active projects, ensuring your utilization targets (minimum 60%) are met by balancing client work, team oversight, thought leadership and minimal administrative duties.
Collaborate with the CEO and leadership team on strategic initiatives, practice growth, and client engagement.
Drive Thought Leadership (40%)
Partner with the CEO and marketing team to develop and publish thought leadership content, including client case studies, practitioner checklists, how-to guides, and market/industry trend analyses.
Engage with clients to capture success stories and best practices, translating them into actionable insights for both clients and the broader market.
Continuously monitor and interpret regulatory, market, and industry trends to ensure Elevate’s services and content remain at the forefront of the cybersecurity and GRC landscape.
What you Need to Get Hired:
Experience & Expertise
10-20 years in IT GRC audit advisory, with a proven record of leading client-facing teams and delivering complex IT Cybersecurity & GRC projects for large advisory firms.
Deep domain knowledge of regulatory frameworks (SOX, SOC, ISO 27001, PCI, GDPR, NIST 800-53, and/or FedRAMP, HITRUST, CMMC, etc.) and industry best practices.
Demonstrated experience producing thought leadership materials and driving practice innovation.
Leadership & Work Ethic
Strong work ethic and commitment to a leadership role requiring on average more than 40hr work week.
Willingness to “roll up your sleeves” and engage in all aspects of delivery, from high-level strategy to detailed documentation and review.
Ability to meet 60% utilization, balancing client/project work with thought leadership and administrative responsibilities.
Client & Team Focus
Responsive and accountable to clients, team, and leadership, with a proven ability to manage multiple priorities and deliver quality outcomes under tight deadlines.
Solution-oriented, resourceful, adaptable, and able to resolve issues creatively and pragmatically.
Cultural Fit
Self-motivated, entrepreneurial, and passionate about leading teams and serving clients.
Smart, creative, authentic, and collaborative; able to thrive in a small, fast-paced, and values-driven firm.
Strong communicator, easy to work with, and committed to continuous learning and improvement.
Education & Credentials
Bachelor’s degree in a relevant field (MIS, IT, Computer Science, Business, etc.).
Professional certifications such as CISA, CISSP, CISM preferred or a commitment to obtain them.
Deep knowledge of SOX, SOC, ISO 27001, PCI, GDPR, and familiarity with NIST 800-53 frameworks. Travel Requirements
This is a remote position; no travel is required Why You’ll Want to Join Us
We’re a tight-knit, values-driven team where smart, capable people thrive without bureaucracy
We support autonomy, ownership, flexibility, and real impact
Competitive salary ($160,000–$210,000), performance bonuses, full healthcare, 401(k) with employer match, paid vacation, and performance incentives
Minimal travel; fully remote; flexible work arrangements Competitive compensation based on experience; provides full healthcare insurance (Medical, Vision, Dental, Basic Life and other wellness benefits), 401k including employer contribution (once vested), paid vacation packages and performance-based bonuses.
If you’re ready to take on high-value cybersecurity challenges, build meaningful client relationships, and help elevate the security posture of leading organizations—let’s talk.