Vice President, Compliance & GRC

About Agency Cybersecurity:

Agency Cybersecurity is a fast-growing, venture-backed startup that provides best-in-class cybersecurity and compliance. Our software and services simplify complex compliance frameworks including SOC 2, ISO 27001, HIPAA, and others, empowering businesses to scale securely and confidently. We're backed by top-tier investors like Y Combinator and have offices in NYC, Boston, Richmond, and London.


Location: 100% On-Site in New York, NY

Position Type: Full-Time, Salaried

Experience Level: Vice President Level

Compensation: $175,000 to $225,000+ total comp, including annual bonus and benefits.


Agency Cybersecurity is seeking a Vice President of Compliance & GRC to lead and scale our cybersecurity compliance practice. This is a senior executive role with full P&L responsibility, accountable for practice delivery, team leadership, client outcomes, and revenue growth.

This role is ideal for a seasoned compliance leader who has built and run large portfolios of SOC 2 and related compliance engagements in a consulting environment and is ready to own an entire practice end-to-end.

Given the client delivery and practice ownership responsibilities, this role requires prior leadership experience in a cybersecurity or compliance consulting firm.


Role Overview:

As VP of Compliance & GRC, you will own the Compliance & Assurance practice at Agency Cybersecurity. You will be responsible for setting strategy, managing delivery quality, leading and scaling a team, overseeing client relationships, and driving both retention and growth across the portfolio.

You will act as the senior escalation point for complex engagements, guide key clients as a trusted executive advisor, and partner closely with leadership on pricing, packaging, hiring, and go-to-market strategy.


Key Responsibilities:


Practice Ownership & P&L

  • Own full P&L responsibility for the Compliance & GRC practice, including revenue, margins, utilization, and cost management
  • Set practice strategy, service offerings, pricing models, and delivery standards
  • Forecast revenue, manage capacity planning, and drive sustainable growth
  • Partner with leadership on annual planning, targets, and practice expansion


Client Delivery & Advisory

  • Serve as executive sponsor and senior escalation point for key client engagements
  • Oversee delivery of SOC 2, ISO 27001, HIPAA, and other compliance frameworks across a large client portfolio
  • Ensure consistent, high-quality delivery across all engagements, from readiness through audit completion
  • Guide clients through complex compliance, risk, and regulatory challenges
  • Maintain strong executive-level client relationships and drive renewals and expansions


Team Leadership & Scaling

  • Build, manage, and scale a team of managers, senior consultants, and junior staff
  • Directly manage practice leaders and senior managers; indirectly oversee a larger delivery team
  • Set performance standards, career paths, and development plans
  • Lead hiring, onboarding, and training strategy for the practice
  • Foster a high-accountability, high-performance consulting culture


Growth & Go-To-Market

  • Drive practice growth through upsells, cross-sells, renewals, and new client acquisition
  • Support sales and business development through scoping, proposals, and executive-level client conversations
  • Help shape marketing narratives, thought leadership, and service positioning
  • Identify new frameworks, offerings, and market opportunities to expand the practice


Required Qualifications:

  • 7+ years of experience in cybersecurity and compliance consulting
  • Demonstrated experience owning and leading large portfolios of SOC 2 engagements
  • Deep domain expertise with 40+ SOC 2 engagements completed as primary point of contact
  • Proven experience leading SOC 2, ISO 27001, HIPAA, and related audits end-to-end
  • Prior experience managing teams of 10+ consultants, including managers and senior staff
  • Strong understanding of SOC 2, ISO 27001, HIPAA, NIST, and related frameworks
  • Track record of balancing delivery excellence with commercial outcomes
  • Exceptional executive-level communication and client relationship skills
  • Strong financial, operational, and strategic judgment
  • Bachelor’s degree in Information Security, Computer Science, Business, or equivalent experience


Preferred Qualifications:

  • Professional certifications (CISSP, CISA, CISM, CRISC, or similar)
  • Experience with compliance automation and GRC platforms (Vanta, Drata, etc.)
  • Background working with high-growth technology companies and startups
  • Experience with additional frameworks such as FedRAMP, PCI-DSS, or GDPR
  • Previous experience at a Big Four firm or top-tier cybersecurity consultancy
  • Strong technical foundation in cloud infrastructure and security architecture


What We Offer:

  • Executive-level compensation: target $175,000–$225,000+ total compensation, including performance-based bonus tied to practice P&L
  • Significant leadership autonomy and ownership of a core revenue practice
  • Opportunity to build, scale, and shape a flagship compliance business
  • Work with top-tier, venture-backed and growth-stage clients
  • Collaborative executive team and fast-growing platform
  • Long-term career growth with potential for expanded leadership scope

Comply

New York, NY
