Virtual Chief Information Security Officer (vCISO)

For our client, we are seeking a Virtual Chief Information Security Officer (vciso) to join the team of a leader in the Information Technology space. This role will lead initiatives at the intersection of scalable technology, AI-enabled capabilities, and business transformation. You will work across engineering, product, and business stakeholders to translate complex requirements into practical technology solutions. The position offers the opportunity to influence architecture, execution quality, and long-term innovation within a technology-driven environment.

Location: Remote - US based candidates only, no visa sponsorship available

Compensation: $150,000 – $200,000 annually

Responsibilities

• Own and manage each client's security program with a strategy, roadmap, and regular reporting to executive sponsors
• Lead initiatives in identity-first security, ensuring tight control over access and identity management processes
• Oversee cloud security posture across multiple platforms including Microsoft 365, Azure, AWS, and Google Cloud
• Set strategic direction for incident detection and response, emphasizing readiness and preparation as well as active response during incidents
• Guide clients in ransomware resilience strategies, including backup and recovery drills and executive-level tabletop exercises
• Manage third-party and supply chain risk through comprehensive vendor due diligence and risk assessment processes
• Lead governance of AI usage within client organizations, ensuring secure practices in policy and technical implementation

Qualifications

• 10\+ years in information security, with proven leadership experience, preferably as a CISO or deputy CISO
• Experience conducting gap analyses against major security frameworks and implementing findings into actionable roadmaps
• Direct experience with frameworks like NIST CSF, ISO 27001, SOC 2, HIPAA, or CMMC, with knowledge of CMMC 2\.0 preferred
• Expertise in AI governance and secure integration of generative AI in business practices
• Strong familiarity with identity, endpoint, cloud, and detection technologies, with the ability to distinguish effective implementations from ineffective ones
• Excellent judgment and communication skills to convey investment decisions and risk management to executive-level stakeholders
• Bachelor’s degree in computer science, information systems, cybersecurity, or a related field

Benefits

• Hybrid work model that allows for flexibility between remote and on-site engagements
• Opportunity to work with a variety of clients, providing exposure to different industries and challenges
• Participation in a peer-reviewed security practice, promoting knowledge sharing and consistent standards
• Engagements designed to encourage meaningful impact on clients’ security postures and operations
• Continuous professional development opportunities through certifications and training

Our client is an equal opportunity employer. We encourage you to apply even if you don’t meet every qualification—your background could be exactly what this team needs.