Virtual Chief Information Security Officer (vCISO)

Department: Managed Security

Employment Type: Full Time

Location: USA - Remote

Description

The Virtual Chief Information Security Officer (vCISO) will provide strategic leadership and oversight for the information security programs of VC3 managed clients. This role involves having a deep understanding of each client's unique business environment to develop tailored strategies that mitigate risks and align with client business objectives. The vCISO is a top security expert that works with existing management and technical teams both within client environments and VC3. This role also assists in providing strategy for the Managed Security space to drive growth, delivery with consistency and excellence, and the desired level of profitability for the organization. Key focus areas are innovation, staying at or ahead of world events that are relevant, consistent excellence, proactiveness, and driving efficiency. By measuring progress and adjusting processes accordingly, the vCISO keeps the clients under their purview on track.

Our People:

Our team members are collaborative, positive, and dedicated to mutual success. Transparency isn't just a buzzword here; it's a commitment to open communication, ensuring every voice is heard and valued. Guided by our core values — Passionately Curious, Own It, Go Beyond, and Serve as One — we're here to create something extraordinary together.

Our Core Focus:

Our team members play a pivotal role in our focus: Serving those who serve with technologies for today and tomorrow that make life safe and simple. With nearly 30 years of specialized expertise, our team goes beyond conventional boundaries, delivering tailored managed services and cybersecurity solutions to our clients.

Your Growth:

We are a growth minded organization that prioritizes development, offering numerous opportunities for career advancement. Rooted in our core value of being Passionately Curious, VC3 offers a dynamic learning environment, emphasizing hands-on experiences and formal development programs that celebrate continuous learning to propel your career forward.

Key Responsibilities

• Understand and follow "The VC3 Way". This is our set of standards and processes that produce a predictable result for the client. You must be aware of and maintain our standards.
• Translate Cyber Security concepts into non-technical terms for clients to clearly understand specific applications to their business priorities.
• Understand and align with the client organization's overall strategy and business environment to ensure cybersecurity initiatives support business objectives
• Lead the development and implementation of a comprehensive cybersecurity strategy for clients that aligns with the organization's goals and objectives
• Proactively identify and anticipate future security and compliance challenges for our clients, driving VC3 solutions
• Drive the creation and execution of a robust cybersecurity plan and program within client environments, ensuring alignment with industry best practices.
• Assist in the development of the information security incident response program for the VC3 Managed Security Department.
• Develop client specific incident response programs as needed based on the development of business continuity and disaster recovery practices liaising with internal VC3 Departments as necessary.
• Conduct thorough cybersecurity risk assessments based on the client organization's assets, identify vulnerabilities, and recommend remediation strategies.
• Collaborate with clients to assist with vendor selection, providing guidance and checklists to ensure third party security compliance.
  
  

Additional Responsibilities:

• Engage with industry peers and continuously analyze and review new security technologies and practices as informed by industry best practice.
• Work closely with internal stakeholders to stay informed of planned changes to technologies, practices, and business activities that could impact security.
• Collaborate across all VC3 departments to maximize our client security posture and experience during onboarding, system design, strategy and ongoing support
• Maintain precise and up-to-date timesheets, and document notes on troubleshooting steps and client communications.
• Actively seek and reflect on feedback from stakeholders, colleagues, and management using it to drive improvement.
• Escalate complex issues to senior resources or relevant teams when necessary.
• Engage actively in team huddles, L10 meetings, and other collaboratively structured meetings.
• Develop and revise documentation promptly to reflect changes or new findings.
• Attend company-based meetings as required
• Additional duties as assigned
  
  

Skills, Knowledge And Expertise

Education Requirements, Skills, and Knowledge:

• Degree or Diploma in an IT-based curriculum, or at least 5 years' experience in risk management, information security, or programming.
• One or more of the following qualifications are highly desirable: Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Certified Information systems Auditor (CISA), or Certified Risk & Information Security Controls (CRISC)
• Experience in cybersecurity strategy development, risk management, and program administration.
• Current knowledge of common cybersecurity frameworks (CIS, NIST, MITRE ATT&CK)
• Experience with compliance and regulatory requirements
• An understanding of SIEM platforms, perimeter security, endpoint detection and response platforms, vulnerability management solutions, all aspects of IT infrastructure (compute, route/switch, security) and cloud security
• Possesses a high level of self-motivation and initiative, consistently taking ownership of tasks and projects.
• Demonstrate a strong sense of autonomy and resourcefulness, capable of making independent decisions and solving problems without relying heavily on coaching or direction.
• Exhibit excellent time management and organizational skills, effectively prioritizing tasks and allocating resources to meet deadlines and achieve objectives without extensive oversight.
• Displays a proactive and self-directed approach to learning and staying updated on industry trends, seeking out relevant information and resources to enhance their knowledge and skills.
• Shows the ability to adapt and thrive in ambiguous or uncertain situations, quickly assessing and navigating challenges.
• Possesses strong critical thinking and decision-making abilities, evaluating complex situations and determining the best course of action, while considering the broader organizational goals and objectives.
• Demonstrates effective communication skills, both written and verbal, articulating ideas and expectations clearly and concisely, minimizing the need for frequent guidance or clarification.
• Extraordinarily strong interpersonal skills, able to build and maintain effective working relationships, solicit co-operation and collaborate with various stakeholders internally and externally.
  
  

Additional information you will want to know:

• Applicant selected will be subject to a criminal and department of motor vehicles background checks and must meet Criminal Justice Information Systems (CJIS) requirements post-employment
• Travel up to 30% required
• VC3 offers a comprehensive benefit package and 401K/RRSP company matching
  
  

Thank you for your interest in VC3. We appreciate all applications; however, only those candidates selected for an interview will be contacted.