Employment Type: Full-Time
Work Arrangement: Remote
Practice Area: Assurance – Risk Advisory & Assurance Services
Available Locations:
Atlanta, GA · Alpharetta, GA · Austin, TX · Birmingham, AL · Boston, MA · Charlotte, NC · Chicago, IL · Denver, CO · Fairfield, NJ · Fort Lauderdale, FL · Hackensack, NJ · Houston, TX · Nashville, TN · Rockville, MD · San Antonio, TX
Salary Range: $150,000 – $300,000 annually
Application Deadline: Anticipated to close April 9 (may be extended)
About the Employer
Aprio is a nationally ranked CPA and advisory firm with 30 offices across the U.S., an international presence in the Philippines, and more than 2,100 professionals worldwide representing 60+ languages. The firm partners with fast-growing organizations to deliver forward-looking advisory, assurance, and technology solutions, while offering a highly rated culture and long-term career growth opportunities.
Position Overview
Aprio is seeking a Senior Microsoft Technical Lead to join its Risk Advisory and Assurance Services team. This senior leadership role sits within SecurityBricks, powered by Aprio, a specialized cybersecurity and compliance consulting practice.
The position focuses on leading CMMC Level 2 consulting engagements, advising organizations across the Defense Industrial Base (DIB), and architecting practical, scalable security programs using Microsoft’s enterprise security ecosystem. The role blends deep technical expertise, executive-level client advisory, team leadership, and practice growth responsibilities.
Key Responsibilities
CMMC Consulting & Program Leadership
- Lead CMMC Level 2 engagements from initial assessment through certification readiness
- Conduct gap assessments aligned to NIST SP 800-171 and CMMC Level 2 requirements
- Develop tailored remediation roadmaps based on client size, budget, and maturity
- Prepare organizations for C3PAO assessments and certification readiness reviews
- Manage multiple concurrent client engagements across diverse industries
Microsoft Security Architecture
- Design right-sized Microsoft security solutions for SMB to enterprise clients
- Architect and implement Microsoft 365 (Business Premium through E5/G5), Azure, and Defender solutions
- Deploy Microsoft Purview, Azure Information Protection, and DLP solutions to protect CUI
- Implement Microsoft Sentinel or cost-effective SIEM alternatives
- Advise clients on Azure Government versus commercial cloud environments
- Create reusable templates and frameworks to accelerate client delivery
Client Advisory & Executive Engagement
- Serve as a trusted advisor to executive and C-suite stakeholders
- Translate CMMC and security requirements into actionable business guidance
- Advise on boundary definition, enclave strategies, and compliance scope
- Support proposal development, contract reviews, and compliance flow-down requirements
- Deliver executive-level reporting on security posture and program maturity
Team Leadership & Practice Development
- Build, mentor, and manage a team of 4–6 security consultants
- Develop standardized methodologies, playbooks, and quality assurance processes
- Establish training programs to elevate team expertise in CMMC and Microsoft security
- Manage resource planning across multiple client engagements
- Foster a culture of technical excellence, learning, and client success
Practice Growth & Thought Leadership
- Identify opportunities to expand cybersecurity and compliance service offerings
- Support business development initiatives and proposal responses
- Represent the practice at client events and industry forums
- Produce thought leadership content on CMMC and Microsoft security best practices
- Maintain awareness of evolving DoD cybersecurity and CMMC requirements
Required Qualifications
- Bachelor’s degree in Computer Science, Information Security, or a related field (Master’s preferred)
- 10+ years of progressive experience in information security and compliance
- 5+ years leading teams and managing complex consulting engagements
- Demonstrated success guiding organizations through CMMC and NIST SP 800-171 implementations
- Extensive experience implementing Microsoft security solutions across varied environments
- Strong knowledge of DIB requirements, CUI handling, and DFARS compliance
- Ability to communicate technical requirements to non-technical stakeholders
Technical Expertise
- CMMC Level 2 and NIST SP 800-171 control implementation
- Microsoft 365 security architecture (Business Premium through E5/G5)
- Azure and Azure Government security configurations
- Microsoft Defender suite deployment and optimization
- Microsoft Purview, AIP, and data classification strategies
- Microsoft Sentinel and alternative SIEM solutions
- Identity and access management (Azure AD, Conditional Access)
- Network segmentation and boundary protection
- Security documentation and technical writing
Preferred Certifications
- CISSP, CISM, or equivalent security leadership certification
- Microsoft certifications (SC-200, SC-300, SC-400, AZ-500)
- NIST SP 800-171 assessment or DIBCAC experience
- Additional certifications such as Security+, CISA, GIAC, or GCIH
Travel Requirements
- Approximately 10–15% annual travel, including client site visits, assessments, and industry events
- Travel frequency may increase during onboarding or certification preparation phases
Benefits & Perks
Eligible full-time employees may receive:
- Medical, dental, and vision insurance from day one
- Flexible spending and dependent care accounts
- 401(k) with profit sharing
- 9+ paid holidays and discretionary time off
- Parental leave for primary and secondary caregivers
- Tuition assistance and CPA support programs
- Performance-based incentive compensation
- Wellness programs
- Flexible remote and hybrid work options
Why Consider This Opportunity
- Lead high-impact cybersecurity and compliance initiatives
- Work with a nationally recognized advisory firm
- Influence security strategy across public and private sector clients
- Build and grow a specialized consulting practice
- Enjoy long-term career growth and work-life balance
Equal Opportunity Statement
Aprio is an Equal Opportunity Employer. All qualified applicants will receive consideration without regard to race, color, religion, national origin, sex, pregnancy, sexual orientation, gender identity or expression, age, disability, genetic information, citizenship status, military service obligations, or any other protected status under applicable law.