vCISO

Job Description:

Position Overview

The Fractional Chief Information Security Officer (CISO) plays a pivotal role in partnering with small to medium-sized business (SMB) clients to strategically guide and oversee their information security initiatives. This role provides on-demand CISO services tailored to the unique needs of each client.

Clients are supported with a comprehensive information security program that includes:

  • Information security leadership

  • Risk management

  • Security governance

  • Compliance alignment

  • Security monitoring and reporting

  • Security architecture and technology guidance

  • Incident response and management

  • Vendor risk management

  • Security awareness and training

The ideal candidate should possess a strong technical background, deep expertise in security and compliance, and excellent customer-facing and communication skills. Executive presence and the ability to lead organizations through security transformation are essential.

Responsibilities
  • Develop a deep understanding of each client's business environment and compliance needs.

  • Collaborate with client executives to build and mature cybersecurity programs.

  • Establish trusted advisor relationships with client leadership to strengthen governance, risk, and compliance efforts.

  • Align IT risk management with business objectives.

  • Guide clients in meeting regulatory requirements and improving compliance status.

  • Support clients in aligning with frameworks such as ISO 27001, SOC 2 Type 2, CMMC, HIPAA, PCI, and others.

  • Conduct security assessments and present detailed results.

  • Lead annual security activities including risk assessments, tabletop exercises, and third-party audits.

  • Provide security leadership and guidance to client IT teams.

  • Anticipate and proactively address security and compliance risks.

  • Lead Information Security Review meetings.

  • Conduct research and recommend security enhancements.

  • Stay current on technology trends and evolving security standards.

  • Build strong, positive relationships with clients and provide outstanding service.

Hiring Profile

Requirements:

  • CISSP certification (or equivalent) required

  • Prior MSP or MSSP experience overseeing multiple clients

  • Strong IT and technical background

  • Excellent communication skills and executive presence

  • Bachelor's degree in Computer Science preferred

  • High energy, self-driven, and goal-oriented

  • Strong multi-tasking ability and adaptability

  • Self-motivated and comfortable in a fast-paced environment

Outcomes & Key Accountabilities

  • Risk Management: Ensure clients' information security risks are identified and mitigated.

  • Security Posture: Improve overall client security through effective controls and policies.

  • Compliance: Guide clients to meet regulatory and industry standards.

  • Incident Response: Implement and test incident response plans.

  • Security Awareness: Promote a culture of security within each client organization.

  • Vendor Risk: Evaluate and manage third-party vendor risks.

  • Data Protection: Safeguard sensitive client data through best practices.

  • Client Relationships: Foster strong, ongoing partnerships with clients.

  • Professional Standards: Deliver high-quality, disciplined, and reliable outcomes.

  • Culture & Inspiration: Make security approachable, engaging, and transformative for clients.