Chief Information Security Officer, Virtual

Job Description:• Develop and execute client-specific cybersecurity strategies and roadmaps aligned with business objectives. • Establish and lead information security governance programs, including policy frameworks, standards, and procedures. • Communicate risk posture and cybersecurity priorities to client executives and boards in business terms. • Define and manage key performance indicators (KPIs) and metrics for program maturity. • Advise on security risk assessments and gap analyses against frameworks such as NIST CSF, CIS Controls, ISO 27001, or CMMC.• Guide clients through compliance initiatives (e.g., SOC 2, HIPAA, GDPR, PCI DSS). • Identify, assess, and prioritize cybersecurity risks; recommend remediation plans and track progress. • Oversee third-party vendor risk management programs. • Provide leadership over client security operations. • Review security architecture, processes, and operational workflows to ensure best practices. • Coordinate tabletop exercises and incident response planning. • Evaluate security tools and recommend enhancements to clients’ technology stack.• Serve as the primary cybersecurity advisor for assigned clients, maintaining long-term relationships built on trust and measurable outcomes. • Present executive-level security reports and briefings to client stakeholders. • Collaborate with internal technical teams (SOC, Engineering, Compliance) to align delivery with client needs. • Stay current with emerging threats, regulations, and industry best practices to proactively advise clients. • Develop standardized vCISO methodologies, templates, and frameworks for internal use.• Mentor junior staff and contribute to service delivery improvements. • Participate in business development by supporting client proposals, presentations, and renewals. Requirements:• Bachelor’s degree in Cybersecurity, Information Technology, or related field; advanced degree preferred. • 7+ years of progressive experience in information security, including leadership or advisory roles. • Deep understanding of security frameworks such as NIST CSF, SOC2, ISO 27001, CIS Controls, CMMC, and regulatory requirements.• Proven experience designing, implementing, and managing enterprise security programs. • Strong communication and executive presentation skills. • Industry certifications preferred: CISSP, CISM, CISA, CRISC, or similar. • Experience serving multiple clients or working in a consulting/MSSP environment strongly preferred. • Ability to travel to client sites on as needed basis. Benefits:• Health Insurance 80% paid by employer• Dental Insurance 80% paid by employer• Vision Insurance 80% paid by employer• Self-Managed vacation leave• Paid sick leave• Paid holiday leave Apply tot his job