Virtual Chief Information Security Officer (vCISO)

View full description

Requirements:

• Minimum of 10+ years of experience in information security, with at least 5 years in a senior security leadership role.
• Experience consulting for diverse industries, with a solid understanding of industry-specific risks.
• In-depth knowledge of security frameworks such as NIST, SOC2, ISO 27001, TISAX, CIS Controls.
• Hands-on experience with security tools and technologies including firewalls, IDS/IPS, DLP, SIEM, and encryption solutions.
• Relevant security certifications such as CISSP, CISM, CISA, CRISC or equivalent, and a bachelor's degree in information security or related field.

Responsibilities:

• Develop and execute tailored security strategies for each client, aligning with their business goals and risk profile.
• Conduct risk and vulnerability assessments, ensuring regulatory compliance with frameworks like GDPR, CCPA, HIPAA, and PCI DSS.
• Lead incident response during security breaches, providing clients with guidance on containment and recovery.
• Build comprehensive security programs, conduct security awareness training, and oversee governance mechanisms.
• Maintain long-term client relationships and regularly report on security posture and improvements to client leadership.