Fractional CISO needed

---

We are seeking a highly skilled and experienced Fractional Chief Information Security Officer (CISO) to provide strategic security leadership and guidance as a white-label security resource for our managed service provider (MSP) customers. The ideal candidate MUST HAVE EXPERIENCE WORKING WITH AN IT MSP, will assess and enhance clients' security postures, ensure compliance, and advise on cybersecurity best practices. You will be expected to roll up your sleeves and will work across multiple customer environments, integrating seamlessly with their IT teams to develop and implement tailored cybersecurity strategies. KEY RESPONSIBILITIES: SECURITY STRATEGY & GOVERNANCE Develop and implement security policies, frameworks, and governance structures for our client companies. Align security strategies with business objectives and regulatory requirements. Provide expert advisory on risk management, compliance, and cybersecurity best practices. Conduct security assessments and gap analyses to identify vulnerabilities and areas for improvement. COMPLIANCE & RISK MANAGEMENT Ensure customer environments comply with industry regulations (e.g., NIST, ISO 27001, GDPR, CMMC, HIPAA). Establish and maintain risk management frameworks for MSP clients. Conduct security audits, risk assessments, and compliance evaluations. Develop security roadmaps and maturity models for customers. INCIDENT REPORT & THREAT MANAGEMENT Oversee incident response planning, testing, and execution for customers. Lead security investigations and recommend appropriate remediation measures. Provide guidance on cybersecurity insurance, response plans, and risk mitigation. Collaborate with SOC teams to monitor, detect, and respond to security threats. CUSTOMER ENGAGEMENT & ADVISORY SERVICES Act as a trusted security advisor for our MSP customers. Conduct regular security briefings and executive-level reporting. Deliver cybersecurity training and awareness programs. Lead virtual CISO engagements, ensuring clients have a clear security strategy. TECHNOLOGY & SECURITY ARCHITECTURE Guide the selection and implementation of security technologies for clients. Provide recommendations on cloud security best practices (Azure, AWS, GCP). Review and enhance IAM, network security, endpoint security, and data protection strategies. Evaluate and oversee the integration of SIEM, EDR, and MDR solutions. QUALIFICATIONS & EXPERIENCE 10+ years of experience in cybersecurity leadership, consulting, or advisory roles. Strong knowledge of Microsoft 365 security, Azure security, and SOC operations. Expertise in regulatory compliance (ISO 27001, NIST CSF, CMMC, HIPAA, GDPR, etc.). Hands-on experience with security frameworks, SIEM tools, and risk assessments. Strong leadership, communication, and stakeholder management skills. Relevant certifications such as CISSP, CISM, CISA, CCSP, or equivalent preferred. KEY PERFORMANCE INDICATORS (KPI) Customer satisfaction and retention rate. Security compliance improvements for client environments. Incident response effectiveness and threat mitigation. Delivery of security roadmaps and maturity assessments. Success in implementing cybersecurity best practices for clients. TOOLS AND TECHNOLOGIES Microsoft 365 Defender, Sentinel, Compliance Center Azure Security Center, AWS Security Hub, GCP Security Command Center SIEM platforms (Splunk, Microsoft Sentinel, QRadar, etc.) Endpoint and network security tools (EDR, XDR, MFA, IDS/IPS)

Keyword: Business Development

Network Security Information Security Firewall Encryption System Administration