Title: Virtual CISO
Location: Remote
Contract Duration: 9 months to 1 year
Must Haves:
- CISSP or CISM certification
- Experience with the Department of Defense (DoD)
Key Responsibilities:
Leadership and Strategy:
- Develop, implement, and oversee a comprehensive enterprise information security and IT risk management program.
- Lead the Information Security function to ensure consistent, high-quality management that supports business goals.
- Advise the executive team on risk issues related to information security and recommend actions for broader risk management initiatives.
Governance and Compliance:
- Ensure compliance with DoD standards, regulations, and guidelines, including DFARS, NIST SP 800-171, and CMMC.
- Develop and manage information security policies, procedures, and guidelines.
- Prepare and maintain information security standards, policies, and procedures.
Risk Management:
- Identify, manage, and mitigate information security risks.
- Conduct vulnerability assessments and manage the implementation of security measures and controls.
- Lead incident response planning and investigate security breaches, assisting with any related disciplinary and legal matters.
Security Operations:
- Oversee the continuous monitoring and protection of information processing resources.
- Manage and respond to security incidents, mitigating potential threats.
- Implement and manage a threat intelligence program.
Team Management:
- Build, develop, and manage an effective information security team.
- Provide leadership training and mentoring to team members.
- Foster a strong security culture within the organization.
Collaboration and Communication:
- Collaborate with other departments to ensure security and privacy policies are met.
- Act as a liaison with legal and regulatory bodies as necessary.
- Communicate security risks in business terms to stakeholders.