Match score not available

Virtual Chief Information Security Officer (vCISO)

Remote:

Full Remote

Contract:

Full time

Salary:

122 - 122K yearly

Experience:

Senior (5-10 years)

Work from:

United States

Offer summary

Qualifications:

5+ years experience in cybersecurity frameworks, Knowledge of system, application, network security, Relevant certifications: CISSP, CISA, etc., Strong analytical and decision-making skills, Bachelor's degree in a related field.

Key responsabilities:

Develop custom cybersecurity programs and initiatives
Perform risk assessments and manage risk plans
Collaborate with stakeholders on risk remediation
Lead risk management presentations and trainings
Monitor threats and update policies accordingly

Ascend Technologies Scaleup https://teamascend.com/

201 - 500 Employees

See more Ascend Technologies offers

Job description

Your missions

PURPOSE:
The role of the vCISO provides the expertise required to properly scope and deliver cybersecurity solutions and services to our clients. They work closely with our clients to deliver risk management services that align industry best practices and regulatory requirements. The vCISO will identify risks and compliance gaps and collaborate with clients to prioritize and execute cybersecurity initiatives.

RESPONSIBILITIES:

Develop custom cybersecurity programs and drive cybersecurity initiatives that support regulatory requirements, risk appetite, budget targets, and desired outcomes
Performs cybersecurity risk assessments to identify and document client risks in accordance with industry best practices and regulatory bodies to include CMMC,
DFARS, NIST 800-171, NIST CSF, HIPAA, FDIC, GLBA, ISO 27001/2, PCIDSS, and MITRE ATT&CK
Continually manages risk management plans, milestones, and quarterly objectives to track progress and anticipate/notify of potential issues
Collaborates with IT resources and key stakeholders from other business units to assess impacts to business processes, consider compensating controls, and effectively communicate risk remediation initiatives
Leads monthly, quarterly, and annual presentations of risk management initiatives among client technical resources, key stakeholders, and senior management
Leads cybersecurity engineering resources to deliver vulnerability management, endpoint protection, privilege and identity management, network security, etc.
Actively monitors evolving threats and compliance changes and communicates findings to both Ascend and client stakeholders
Conducts vendor risk assessments to identify technical, operational, and compliance risks and recommend risk reduction strategies
Works closely with Ascend’s cybersecurity team to report issues, develop process improvement strategies, and ensure service success
Writes and updates cybersecurity policies and procedures aligned with client requirements
Leads cybersecurity training, tabletop exercises, and marketing events
Other Responsibilities as assigned by management

MINIMUM SKILLS, EDUCATION AND EXPERIENCE

5+ Years experience in cybersecurity, and framework alignment (CMMC, DFARS, NIST 800-171, NIST CSF, HIPAA, FDIC, GLBA, ISO 27001/2, CIS, etc.)
5+ Years of strong working knowledge of system, application, network, cloud, and data security best practices
One or more of the following certifications: CISSP, CISA, CISM, CRISC, GLSC, GSTRT, or equivalent
Proven success managing business risk, conducting vendor risk assessments, and executing cybersecurity controls
Working knowledge of Microsoft 365, Azure Active Directory/Active Directory, Security Awareness strategies, and Vulnerability Management practices
Excellent analytic, problem-solving, active-listening and decision-making skills
Excellent presentation, writing, interpersonal and communication skills
Comfortable engaging at executive levels to influence and provide strategic insight
Experience and/or strong desire to work in a fast-paced environment with evolving conditions

PREFERRED SKILLS, EDUCATION AND EXPERIENCE

5+ Years experience in Incident Response and Digital Forensics
Industry Specialized Certifications for PCI DSS, HITRUST, etc.
Working knowledge of PowerShell, Threat Hunting Techniques, SIEM, SOC, EDR Platforms, Privilege and Identity Management Platforms
Bachelor’s degree in computer science, management information systems, information Technology, engineering, mathematics, or a related field

Starting Salary: $122,000/year

At Ascend Technologies we firmly believe that diversity, equity, and inclusion are not only fundamental values but also powerful drivers of innovation, growth, and success. We are committed to fostering an environment where every individual feels valued, respected, and empowered.

CORE VALUES
We are seeking highly motivated individuals who have the willingness and ability to demonstrate Ascend core values:

Committed to Client Success: Our actions and our words always align with the best interest of the client.
One Team: We work collaboratively to overcome challenges with humility and respect and do what it takes to find innovative solutions.
Integrity: We are unquestionably committed to doing the right thing even when it is hard.
Accountability: We hold ourselves and each other accountable for keeping our commitments to our clients, our communities, and one another.
Transparency: We create open lines of communication with each other and our clients, fostering relationships founded on candor and trust.

PHYSICAL DEMANDS:
Must be able to sit, stand, and bend for the duration of shift. The position is mainly sitting, with occasional lifting up to 50 lbs., such as laptop, server equipment, and, driving to the work site to meet with client(s).