Cybersecurity Risk & Compliance Manager Position Available In Suffolk, Massachusetts

Cybersecurity Risk & Compliance Manager McKinsey & Company parental leave, paid time off United States, Massachusetts, Boston Jun 18, 2025 Technology & Digital
Cybersecurity Risk & Compliance Manager

Job ID:

97938 Do you want to work on complex and pressing challenges-the kind that bring together curious, ambitious, and determined leaders who strive to become better every day? If this sounds like you, you’ve come to the right place.
Your Impact As a Security Manager within the Tech Ecosystem’s Cybersecurity Pillar (1st LOD), you’ll be supporting a dedicated

U.S. CMMC

compliant Cloud environment, serving a wide range of U.S. Government clients. You’ll be a key member of the team, responsible for the end-to-end delivery of the environment’s cybersecurity program.
You’ll lead the strategy for compliance with current and forthcoming certification requirements, including the preparation and management of external audits. You’ll provide security guidance and expertise to technical and non-technical stakeholders, helping them make risk-informed decisions balancing security with cost, complexity and user experience. You’ll create, document, and implement cybersecurity policies, standards, guidelines and procedures.
You’ll conduct new service, product and vendor risk assessments, reviews and approvals. You’ll provide metrics and reporting to senior management on risk levels and program effectiveness and provide cybersecurity training and awareness campaigns. You’ll proactively identify and own the remediation of security issues, driving risk reduction and the continual improvement of the cybersecurity program. You’ll design and run cross-team tabletop incident response exercises and work with the SOC in the identification and remediation of suspected and actual security incidents.
In addition, you’ll support security engineers and other technical colleagues within the team in asset management, vulnerability management and change management. More broadly, you’ll support Client Service Teams (CSTs) to ensure cybersecurity is addressed throughout the engagement lifecycle and work closely with various technical and non-technical stakeholders across the firm, including 2nd Line Risk Teams, Legal, Privacy, as well as 3rd Party Service Providers.
Your Growth You are someone who thrives in a high-performance environment, bringing a growth mindset and entrepreneurial spirit to tackle meaningful challenges that have a real impact.
In return for your drive, determination, and curiosity, we’ll provide the resources, mentorship, and opportunities to help you quickly broaden your expertise, grow into a well-rounded professional, and contribute to work that truly makes a difference.
When you join us, you will have:
Continuous learning: Our learning and apprenticeship culture, backed by structured programs, is all about helping you grow while creating an environment where feedback is clear, actionable, and focused on your development. The real magic happens when you take the input from others to heart and embrace the fast-paced learning experience, owning your journey.
A voice that matters: From day one, we value your ideas and contributions. You’ll make a tangible impact by offering innovative ideas and practical solutions. We not only encourage diverse perspectives, but they are critical in driving us toward the best possible outcomes.
Global community: With colleagues across 65+ countries and over 100 different nationalities, our firm’s diversity fuels creativity and helps us come up with the best solutions. Plus, you’ll have the opportunity to learn from exceptional colleagues with diverse backgrounds and experiences.
Exceptional benefits: In addition to a competitive salary (based on your location, experience, and skills), we offer a comprehensive benefits package, including medical, dental, mental health, and vision coverage for you, your spouse/partner, and children.
Your qualifications and skills US citizenship is mandatory
5+ years’ experience in a similar Security Manager role
Bachelor’s degree in cybersecurity, computer science or similar preferred but not essential
CISSP, CISM, CISA, CIPP/US or similar certification preferred but not essential
Implementation experience with common cybersecurity standards and certifications, such as

U.S. CMMC, NIST

800-171, or FedRAMP
Experience with global data privacy, residency and localization requirements preferred but not essential
Excellent organization capabilities, including the ability to initiate tasks independently and see them through to completion
Strong communication skills, both verbal and written, with the ability to adjust your style to suit different perspectives and seniority levels
Strong analytical and problem-solving skills
Customer and solution focused with the ability to translate business requirements into pragmatic and risk-based security decisions
Please review the additional requirements regarding essential job functions of McKinsey colleagues. Apply Now
Apply Later

FOR U.S. APPLICANTS

McKinsey & Company is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by applicable law. Certain US jurisdictions require McKinsey & Company to include a reasonable estimate of the salary for this role.
For new joiners for this role in the United States, including all office locations where the job may be performed, a reasonable estimated range
is $147,900

• $193,100 USD
• to help you understand what you can expect.

This reflects our best estimate of the lowest to highest
[salary/hourly wages] for this role at the time of this posting, ensuring you have a clear picture right from the start, though it’s important
to remember that actual salaries may vary. Factors like your office location, your unique blend of experience and skills, start date and our current
organizational needs all play a part in determining the final figure. Certain roles are also eligible for bonuses, subject to McKinsey’s discretion
and based on factors such as individual and/or organizational performance. Additionally, we provide a comprehensive benefits package that reflects our commitment to the wellness of our colleagues and their families.
This includes medical, mental health, dental and vision coverage, telemedicine services, life, accident and disability insurance, parental leave and family planning benefits, caregiving resources, a generous retirement contributions program, financial guidance,
and paid time off.

FOR NON-U.S. APPLICANTS

McKinsey & Company is an Equal Opportunity employer. For additional details
regarding our global EEO policy and diversity initiatives, please visit our
McKinsey Careers and
Diversity & Inclusion sites. Job Skill Group

• N/A Job Skill Code
• SCM•Security Manager I Function•Technology Industry•High Tech Post to LinkedIn•Yes Posted to LinkedIn Date•Thu May 22 00:00:00 GMT 2025 LinkedIn Posting City•Washington DC LinkedIn Posting State/Province•District of Columbia LinkedIn Posting Country•United States LinkedIn Job Title•Cybersecurity Risk & Compliance Manager LinkedIn Function•Information Technology LinkedIn Industry•Information Technology and Services LinkedIn Seniority Level•Mid-Senior level