Manager Vendor Risk Management Jobs in Rosedale, MD

SC&H's Risk Practice is seeking a Senior Manager to lead and grow our service line with a strong focus on security-related consulting, including SOC (SSAE 18), ISO/IEC 27001, and ISO/IEC 42001 engagements. The ideal candidate combines sales/business development acumen, team leadership, and deep delivery expertise to shape client outcomes, scale practices, and develop high-performing teams. This role includes measurable growth responsibilities, client oversight, and engagement leadership across highly regulated and high-growth industries.

Work You'll Do:

• Business Development & Growth (40%)
  • Own a personal book-of-business growth target; lead opportunity pursuit from prospecting through close (RFPs, proposals, orals, scoping, pricing).
  • Build and manage an opportunity pipeline across SOC (1/2/3), readiness, ISO 27001 ISMS implementation/assessments, ISO 42001 (AI Management System) readiness/certification guidance, and security program advisory.
  • Develop go-to-market (GTM) offerings, thought leadership, and partner/alliances; collaborate with Marketing on campaigns and events.
  • Expand client relationships at the CISO, CIO, CTO, CAE, CFO levels; lead cross-sell with Assurance, Tax, and other Cyber/Technology teams.
• Engagement Leadership & Delivery (40%)
  • Lead SOC (SSAE 18) readiness and examination projects (SOC 1 Type 1/2, SOC 2 Type 1/2, SOC 3), including scoping, testing strategy, and report quality.
  • Lead ISO/IEC 27001 implementations (ISMS design, risk assessment, controls, internal audits, certification readiness) and ISO/IEC 42001 readiness/implementation for AI governance.
  • Oversee delivery quality, risk, and timelines across multiple concurrent engagements; ensure methodology compliance and audit defensibility.
• People Leadership & Practice Management (20%)
  • Manage, coach, and develop a team of managers/ seniors/ associates; lead staffing, utilization, and performance.
  • Champion a collaborative, inclusive, and learning-oriented culture; provide timely feedback and career guidance.
  • Strengthen delivery playbooks, templates, and accelerators; contribute to practice P&L hygiene (pricing discipline, margin, WIP/AR, scope management).

Qualifications

• Required
  • 8–12+ years of progressively responsible experience in public accounting, consulting, or a comparable risk/security practice.
  • Proven track record in SOC (SSAE 18) readiness and examinations (SOC 1/SOC 2), including planning, testing, supervision, and reporting.
  • Hands-on experience with ISO/IEC 27001 (ISMS design/implementation, internal audit, certification readiness) and familiarity with ISO/IEC 42001 (AI Management System) frameworks and AI governance concepts.
  • Demonstrated sales/business development success (pipeline creation, proposals/orals, solutioning, closing) and account growth.
  • People leadership experience: managing teams, setting priorities, and developing talent across multiple engagements.
  • Strong understanding of security and IT risk domains (identity and access, change/configuration, secure engineering, vendor risk, cloud controls, incident response, logging/monitoring, data governance, AI governance).
  • Excellent client communication, executive presence, and stakeholder management skills.
  • Prior practice-building responsibilities (offerings, pricing models, partner alliances).
• Preferred
  • Experience coordinating with external auditors and working in regulated industries (SaaS, fintech, healthcare, critical infrastructure).
  • Working knowledge of cloud security (Azure, AWS, GCP) and enabling platforms (e.g., M365/Entra ID, ServiceNow GRC, Archer, OneTrust).
• Education & Certifications
  • Bachelor’s degree in Accounting, Information Systems, Computer Science, Cybersecurity, or related field; Master’s degree a plus.
  • One or more of the following required:
    • CISA (Certified Information Systems Auditor)
    • ISO/IEC 27001 Lead Implementer or Lead Auditor (or equivalent ISO credential)
    • CPA (active)
  • Additional relevant certifications a plus: CISSP, CCSP, CRISC, CISM, ISO/IEC 42001-related training/credentials.
• Key Performance Indicators (KPIs)
  • Bookings & Revenue: Meets/exceeds individual and practice sales targets; healthy pipeline coverage, appropriate recovery/margins
  • Client Satisfaction & Expansion: New service-line cross-sells; referenceable clients.
  • People Metrics: Team utilization, retention, timely feedback, and progression of staff.

Any unsolicited resumes submitted through our website or to SC&H Group, Inc., employee e-mail accounts are considered property of SC&H Group, Inc., and are not subject to payment of agency fees. In order to be an authorized recruitment agency ("search firm") for SC&H Group, Inc., there must be a formal written agreement in place and the agency must be invited, by SC&H's Talent Acquisition team, to submit candidates for review.

ABOUT SC&H
SC&H is a national consulting and financial services firm with an expanding global footprint — home to people who believe in the power of trusted personal relationships. Everyone here shares a passion for driving results, fueled by the genuine connections we forge. Our expert capabilities and exceptional service have shaped the firm’s longstanding reputation for excellence and impressive growth. But it’s the partnerships we build and the success we help deliver that make each day rewarding — for our colleagues, our clients, and our communities.

Recognized annually by Inc., Baltimore Business Journal, Accounting Today, and Inside Public Accounting as a “Best Place to Work,” SC&H is routinely named one of the fastest-growing firms for organic growth in the United States. Our success is powered by 13 diverse practices at the intersection of finance, technology, and accounting; 430+ professionals across offices in Maryland, Tysons Corner / Washington D.C., Philadelphia, Chicago, and India; and a client base ranging from emerging growth to world-renowned Fortune 500 companies. This is the place to build lasting professional relationships, grow your skills, and fulfill your potential. 

SC&H
Make it Rewarding.

Salary & Benefits

The expected annual base salary for this position is $140,000-$175,000. Salary offers are made based on a variety of candidate specific factors such as candidate's skills, performance, job responsibilities, prior relevant experience, certain degrees and certifications and market considerations. As a 100% employee-owned firm, SC&H offers the unique benefit of real equity ownership for every colleague with at least 1 year of service. Watch your stake grow as your tenure increases and the firm achieves success. We also offer a comprehensive health plan with multiple options to suit your needs, at least 4 weeks of paid time off, 8 firm-paid holidays, 401k with employer match, and an annual firm trip for you and a guest to an all-inclusive tropical location.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.