Echelon Risk + Cyber · 1 day ago
Manager, vCISO - USA (Remote)
Cyber Security, Information Technology
Responsibilities
Provide expert cybersecurity consulting services at the C-suite level.
Advise on the development and execution of comprehensive security strategies.
Attend and contribute to senior-level meetings, including security steering committee and board meetings.
Develop and maintain security roadmaps aligned with business objectives.
Facilitate executive workshops and training sessions to promote security awareness.
Plan, scope, and execute Virtual CISO advisory and Managed Security Services engagements.
Develop and maintain cybersecurity policies, procedures, and control frameworks.
Create client-facing presentations, reports, and analytics, communicating results to stakeholders.
Manage risk assessment and mitigation processes.
Align cybersecurity initiatives with organizational risk management strategies.
Implement and manage enterprise-wide GRC platforms and tools.
Review and assess security controls against cybersecurity best practices and compliance frameworks (e.g., CIS, NIST, ISO, PCI, CMMC, SOC, HIPAA).
Conduct client discoveries, assessments, and compliance checks, including interviews, documentation reviews, and reporting.
Coordinate audits, compliance assessments, and regulatory reporting (e.g., SEC, NYDFS, CMMC, PCI, HIPAA, FedRAMP, GDPR, SOX).
Advise on and oversee the implementation of security technologies, including SIEM, IDS/IPS, endpoint protection, data protection, and cloud security tools.
Oversee and manage ongoing security initiatives, including vulnerability scanning, penetration testing, and security audits.
Coordinate incident response planning and threat management initiatives.
Provide advisory support on integrating and optimizing security tools and technologies.
Build, mentor, and lead high-performing security teams.
Collaborate across functions to enhance security awareness and practices.
Develop professional development programs and succession planning for security staff.
Lead and support crisis management and response teams.
Produce thought leadership content for blogs, webinars, and articles.
Engage with the cybersecurity community through attendance or speaking at conferences.
Qualification
Required
20+ years in professional cybersecurity and technical roles, with senior-level leadership and advisory experience, including at least 5 years of experience as a cybersecurity or technical consultant, preferably in Managed Services.
Proven ability to manage multiple, simultaneous client engagements and deliver quality results under tight deadlines. This includes strong organizational and management skills.
Experience in Governance, Risk, and Compliance (GRC) planning, development, and management, including Information Security policy and procedure development.
Experience in a variety of industries, including finance, banking, private equity, healthcare, critical infrastructure, technology services, and other regulated environments.
Proficient in leading Cybersecurity Frameworks (e.g., CIS, NIST, ISO, SOC2, COBIT, ITIL, PCI, GDPR and HIPAA).
Experience aligning security strategies with compliance requirements (e.g., SEC, NYDFS, GDPR, CMMC, SOX).
Knowledge of Cloud systems, applications, and security tools (e.g., EDR, MDR, SIEM, CSPM, IAM).
Familiarity with network security, data security, vulnerability management, incident response practices, disaster recovery and third-party risk management.
Certification: CISSP, CISA, CISM, CRISC, CGRC, CvCISO, CGEIT or similar.
Education: Degree in Information Systems, Computer Science, or a related discipline is preferred.
Preferred
Extensive experience working as a consultant for Managed Service Providers (MSPs) or Managed Security Service Providers (MSSPs).
Experience building a security program, including the adoption of a cybersecurity framework and developing a roadmap (e.g., priorities, timelines, budgets).
Experience with technical or cybersecurity assessments and/or audits.
Demonstrated ability to plan and coordinate cybersecurity programs with strong project management, presentation and communication experience.
Strong executive advisory skills, capable of developing extensive reports and presentations, and delivering complex security concepts to diverse stakeholders, including non-technical audiences.
Superior attention to detail, with a strong aptitude for technical and strategic problem-solving.
Actively participate in cybersecurity thought leadership and industry events.
Intellectual curiosity with a continuous learning mindset.
Adaptability and versatility in a fast-paced, demanding environment.
Benefits
Access to medical, dental, and vision insurance through Cigna, with the majority of the employee cost covered by the employer.
Employer funding to HSA accounts and FSA access.
Access to a 401(k) through Vanguard with a guaranteed employer contribution.
Flexible vacation policy that allows you to manage your schedule and rest and recharge when you need to.
11 holidays with flexibility based on what is important for you and those you love.
Family-friendly benefits, including 16 weeks off for Maternity leave, 8 weeks off for non-birthing parent leave, employer-paid short-term and long-term disability, employer-paid life insurance, and access to additional life insurance, hospital coverage, accidental coverage, discounted mental health support, and more.
Support on individual development through certifications, continued learning, conferences, and more.