Virtual Chief Information Security Officer (vCISO)

About the role

The Virtual Chief Information Security Officer (vCISO) will provide strategic security leadership for our organization’s systems and infrastructure. Working remotely, you will guide governance, risk, and compliance initiatives while ensuring alignment with SOC 2 Type II, HIPAA, and PCI audit requirements.

Key responsibilities

• Develop, implement, and maintain cyber security policies, procedures, and standards.
• Conduct risk assessments, identify threats, and work with stakeholders to mitigate security risks.
• Support governance frameworks, documentation, and preparation for security audits.
• Integrate security controls into system design, perform architecture reviews, and lead penetration testing.
• Monitor emerging threats, manage vulnerability scanning, and recommend remediation.
• Assist in incident response planning, investigations, and proactive threat detection.

Required profile

• Bachelor’s degree in Computer Science, IT, or a related field.
• Proven experience as a Cyber Security Engineer, Security Analyst, or similar role.
• Strong understanding of cyber security principles, risk management, and compliance frameworks.
• Familiarity with regulatory requirements such as GDPR and HIPAA.

Required skills

• Firewalls
• Intrusion Detection/Prevention Systems (IDS/IPS)
• Security Information and Event Management (SIEM)
• Vulnerability scanning tools
• Penetration testing
• Security architecture review
• Knowledge of NIST CSF, HIPAA HITRUST, CIS20, CSA CSF, ISO 27001, COBIT, ITIL