

IT Risk and Security Manager in Boston, MA at CBIZ

Date Posted: 1/4/2019

Job Description

With over 100 offices and nearly 5,000 associates in major metropolitan areas and suburban cities throughout the U.S., CBIZ (NYSE: CBZ) delivers top-level financial and employee business services to organizations of all sizes, as well as individual clients, by providing national-caliber expertise combined with highly personalized service delivered at the local level. CBIZ has been honored to be the recipient of several national recognitions: 2018 America's Best Mid-Size Employers by Forbes, 2018 Best Workplaces in Consulting & Professional Services by Great Place to Work® and FORTUNE, 2018 Workplace Excellence Seal of Approval by the Alliance for Workplace Excellence, and one of the Top 101 highest scoring companies in the country for Best and Brightest Companies to Work For in the Nation by the National Association for Business Resources.

We serve private and public companies in more than a dozen industries; not-for-profit organizations; and high net-worth individuals and family groups. When you choose CBIZ Tofias, you get proactive, accessible professionals who communicate in understandable terms, and deliver practical solutions on time, with no surprises, to help your organization thrive.

The position is responsible for leading and executing IT risk and security engagements to assist clients in reducing overall business risk and improving the IT security and controls of the organization. IT risk and security services roles and responsibilities include, but are not limited to:

  • Managing engagements that assess the design and operating effectiveness of IT processes and procedures to meet client objectives including alignment with frameworks and compliance with laws and regulations
  • Managing IT risk and security assessments to evaluate confidentiality, processing integrity, availability, security, and privacy concerns
  • Advising management during consulting engagements, pre-assessments, and gap assessments
  • Training and managing seniors and staff in critical IT security skills and methodologies

Experience in providing middle market IT risk and security services in the following is required:

  • Cybersecurity controls assessments (NIST, CIS 20, ISO 27001, COBIT, PCI DSS, HIPAA, etc.)
  • Security governance & oversight
  • Cybersecurity policies & procedures
  • Employee security awareness training and execution
  • Business continuity/disaster recovery
  • Penetration testing
  • Vulnerability assessments/testing
  • Social engineering
  • Cybersecurity strategy & plan development
  • Cybersecurity policy development
  • IT security controls improvement
  • Virtual Chief Information Security Officer (vCISO)

Essential Functions and Primary Duties

  • Evaluates and defines client requirements for IT risk & security projects
  • Defines scope and estimates project costs and details
  • Develops client relationships
  • Attends industry meetings to market CBIZ services
  • Presents technical papers and markets CBIZ capabilities
  • Directs engagements by managing junior staff or contractors to meet project commitments

Minimum Qualifications Required

  • 6 years of combined IT security & controls experience, 3 years of supervision of staff
  • Bachelor’s degree in Information Systems / IT Security or related discipline
  • Demonstrated ability to document security and control issues, business impact, and management action plans
  • Ability to take on a business development role in the firm
  • Strong background in IT Security control assessments
  • Knowledge of COBIT and COSO and Sarbanes Oxley legislation and impact, HIPAA, Safe Harbor Privacy Rules and other regulations
  • Strong background in technical security systems and environments
  • Demonstrated ability to plan and manage engagements along with ensuring deliverables meet work-plan specifications and deadlines
  • CISA, CISSP, CISM, and IT Security-related certifications preferred
  • Supervision of IT Staff Auditors (up to 2) may be required
  • 25-50% travel required (based on client location and engagement details)

If you are a qualified individual with a disability you may request reasonable accommodation if you are unable or limited in your ability to use or access this site as a result of your disability. You can request a reasonable accommodation by calling 844-558-1414 (toll free) or send an email to

CBIZ is an equal opportunity employer and reviews applications for employment without regard to the applicant's race, color, religion, national origin, ancestry, age, gender, marital status, military status, veteran status, sexual orientation, disability, or medical condition or any other reason prohibited by law. If you would like more information about your EEO rights as an applicant under the law, please visit the following pages: EEO is the Law and EEO is the Law Supplement.
