Virtual CISO

Title: Virtual CISO

Location: Remote

Contract Duration: 9 months to 1 year

Must Haves:

• CISSP or CISM certification
• Experience with the Department of Defense (DoD)

Key Responsibilities:

Leadership and Strategy:

• Develop implement and oversee a comprehensive enterprise information security and IT risk management program.
• Lead the Information Security function to ensure consistent highquality management that supports business goals.
• Advise the executive team on risk issues related to information security and recommend actions for broader risk management initiatives.

Governance and Compliance:

• Ensure compliance with DoD standards regulations and guidelines including DFARS NIST SP 800171 and CMMC.
• Develop and manage information security policies procedures and guidelines.
• Prepare and maintain information security standards policies and procedures.

Risk Management:

• Identify manage and mitigate information security risks.
• Conduct vulnerability assessments and manage the implementation of security measures and controls.
• Lead incident response planning and investigate security breaches assisting with any related disciplinary and legal matters.

Security Operations:

• Oversee the continuous monitoring and protection of information processing resources.
• Manage and respond to security incidents mitigating potential threats.
• Implement and manage a threat intelligence program.

Team Management:

• Build develop and manage an effective information security team.
• Provide leadership training and mentoring to team members.
• Foster a strong security culture within the organization.

Collaboration and Communication:

• Collaborate with other departments to ensure security and privacy policies are met.
• Act as a liaison with legal and regulatory bodies as necessary.
• Communicate security risks in business terms to stakeholders.