Virtual Chief Information Security Officer (vCISO) – Contract / Fractional – Contract to Hire

Remote Full-time
Company: Confidential cybersecurity startup (post-exit founders)
Location:

Remote (U.S. based)
Type: Contract / Fractional / Project-Based
Reports to: CEO & Founder
About Us
We are a newly launched cybersecurity and IT consulting startup led by the founders of a successful firm recently acquired after eight years of growth and award-winning performance in the channel. Our mission is to build the next-generation vCISO and cybersecurity advisory model — one that empowers organizations to close real security gaps, strengthen governance, and create measurable resilience without the enterprise bloat.

We partner with mid-market and emerging enterprises across the U.S., providing a hands-on vCISO overlay to their IT and executive teams — guiding them through assessments, roadmaps, and 12-month improvement programs aligned with CIS v8, NIST CSF, SOC 2 readiness, and more. If you’re an experienced cybersecurity professional who loves building, advising, and helping clients mature their security posture — while being part of something from the ground up — we want to meet you. The Role
As our Virtual Chief Information Security Officer (vCISO), you will:
Conduct framework-based cybersecurity assessments (CIS v8, NIST CSF, SOC 2 readiness, ISO 27001 – CMMC L2 a plus).

Develop maturity roadmaps and deliver executive-ready reports and risk mitigation plans. Lead one-year security program engagements to build policies, controls, and governance procedures. Partner directly with the CEO/founder on client delivery, service design, and methodology. Serve as a trusted advisor to client IT and leadership teams — translating risk into business language. Contribute to our service framework by mentoring future consultants and refining scalable delivery models. This is a contractor role with flexible engagement options — ideal for a professional already managing their own consulting practice or client base who wants to align with a high-growth, post-exit cybersecurity startup.

Who You Are
✅ A seasoned cybersecurity leader (5+ years) with experience in frameworks, assessments, and program delivery. ✅ Hands-on with CIS, NIST, SOC 2 – able to move from audit readiness to program build-out. ✅ Entrepreneurial, self-directed, and comfortable operating in a startup environment. ✅ A relationship-builder who enjoys collaborating with executives and mentoring peers. ✅ Mature, low-ego, and adaptable — able to balance structure with innovation. ✅ Interested in shaping a vCISO practice and influencing the growth of a new firm.

Preferred Qualifications
Deep understanding of cybersecurity frameworks: CIS v8, NIST CSF, SOC 2 Type II, ISO 27001, CMMC L2. Proven success delivering risk assessments, POA&Ms, and security maturity programs. Excellent communication and presentation skills — able to brief non-technical executives. Experience in governance, risk, and compliance (GRC) program development. Certifications preferred: CISSP, CISM, CRISC, CCSP, CMMC RP/CP, ISO 27001 Lead Implementer. Prior vCISO or consulting background strongly preferred.

Why Join Us
Work directly with proven founders who successfully exited a national IT procurement & cybersecurity consulting firm. Help build a new vCISO service line from the ground up — your ideas matter here. Flexible contract model — work remotely, manage your own time and book of business. Opportunity to grow into a lead or partner role as the firm scales. Make real impact across multiple clients and industries. Compensation
Contract / project-based compensation, aligned with experience and scope.

Engagements typically range 3 months for assessments, followed by 12-month advisory programs. Future revenue-share or leadership opportunities as the vCISO practice grows. Send your resume or portfolio and a short note including:
Frameworks you’ve led (CIS, NIST, SOC 2, etc.)
Example client profiles or industries you’ve advised

Your preferred rate model and availability
Confidential Note
We are a startup currently in stealth mode, following the sale of our prior IT procurement and cybersecurity consulting firm.

All inquiries are confidential.Apply Now

Apply Now
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Remote Job bolthires Grand California $30/Hour

Remote

Regional Sales Manager | DoorDash | Remote (Nor...

Remote

**Customer Service Representative (Healthcare) Remote – Join arenaflex's Diverse and Inclusive Team**

Remote

3rd shift - Call Center Supervisor (remote) (48856)

Remote

Sr Qlty Engineer | 4 | REMOTE

Remote

Patient Intake Specialist (Weekend)

Remote

Experienced Data Entry Specialist – Remote Opportunity with blithequark for Accurate and Efficient Data Management Professionals

Remote

[Remote] Salesforce Consultant: 26-00647

Remote

**Experienced Customer Service Representative – Connect with Customers and Drive Business Growth at arenaflex**

Remote

Project Manager

Remote
← Back