Job Description:
• Develop and execute client-specific cybersecurity strategies and roadmaps aligned with business objectives.
• Establish and lead information security governance programs, including policy frameworks, standards, and procedures.
• Communicate risk posture and cybersecurity priorities to client executives and boards in business terms.
• Define and manage key performance indicators (KPIs) and metrics for program maturity.
• Advise on security risk assessments and gap analyses against frameworks such as NIST CSF, CIS Controls, ISO 27001, or CMMC.
• Guide clients through compliance initiatives (e.g., SOC 2, HIPAA, GDPR, PCI DSS).
• Identify, assess, and prioritize cybersecurity risks; recommend remediation plans and track progress.
• Oversee third-party vendor risk management programs.
• Provide leadership over client security operations.
• Review security architecture, processes, and operational workflows to ensure best practices.
• Coordinate tabletop exercises and incident response planning.
• Evaluate security tools and recommend enhancements to clients’ technology stack.
• Serve as the primary cybersecurity advisor for assigned clients, maintaining long-term relationships built on trust and measurable outcomes.
• Present executive-level security reports and briefings to client stakeholders.
• Collaborate with internal technical teams (SOC, Engineering, Compliance) to align delivery with client needs.
• Stay current with emerging threats, regulations, and industry best practices to proactively advise clients.
• Develop standardized vCISO methodologies, templates, and frameworks for internal use.
• Mentor junior staff and contribute to service delivery improvements.
• Participate in business development by supporting client proposals, presentations, and renewals.
Requirements:
• Bachelor’s degree in Cybersecurity, Information Technology, or related field; advanced degree preferred.
• 7+ years of progressive experience in information security, including leadership or advisory roles.
• Deep understanding of security frameworks such as NIST CSF, SOC 2, ISO 27001, CIS Controls, CMMC, and regulatory requirements.
• Proven experience designing, implementing, and managing enterprise security programs.
• Strong communication and executive presentation skills.
• Industry certifications preferred: CISSP, CISM, CISA, CRISC, or similar.
• Experience serving multiple clients or working in a consulting/MSSP environment strongly preferred.
• Ability to travel to client sites on an as-needed basis.
Benefits:
• Health Insurance 80% paid by employer
• Dental Insurance 80% paid by employer
• Vision Insurance 80% paid by employer
• Self-managed vacation leave
• Paid sick leave
• Paid holiday leave