Virtual Chief Information Security Officer – vCISO

JobtailorDeutschland

Responsibilities

  • Provide executive-level cybersecurity advisory services, including governance, risk management, and strategic planning
  • Establish and maintain cybersecurity governance structures, roadmaps, and reporting cadence
  • Lead enterprise risk management activities, including risk register development, tracking, and executive reporting
  • Support compliance and framework alignment (NIST CSF, NIST SP 800-171, CMMC, SOC 2, ISO 27001 as applicable)
  • Guide CMMC readiness efforts, including coordination of documentation, audit preparation, and assessment support
  • Provide executive reporting, dashboards, and strategic recommendations to support decision-making
  • Advise on security operations, vulnerability management, and incident response governance
  • Support cybersecurity investment planning, tool selection, and vendor evaluation
  • Facilitate communication across technical teams, leadership, and external stakeholders
  • Collaborate with delivery teams (e.g., Cyber Analysts, Project Managers) to ensure coordinated execution

Requirements

  • 10+ years of cybersecurity leadership experience (vCISO, CISO, or equivalent advisory role)
  • Deep experience in governance, risk, and compliance (GRC) within regulated environments
  • Strong working knowledge of NIST CSF, NIST SP 800-171, CMMC, and related frameworks
  • Experience supporting audit readiness, compliance programs, and executive reporting
  • Ability to translate technical risk into business-aligned recommendations
  • Relevant certifications preferred (e.g., CISSP, CISM, CRISC, CCP)

Hard Skills

  • cybersecurity advisory
  • governance
  • risk management
  • strategic planning
  • risk register development
  • vulnerability management
  • incident response governance
  • audit preparation
  • compliance programs
  • executive reporting

Soft Skills

  • communication
  • collaboration
  • leadership
  • strategic recommendations
  • decision-making

Certifications & Qualifications

  • CISSP
  • CISM
  • CRISC
  • CCP

Industry Keywords

  • NIST CSF
  • NIST SP 800-171
  • CMMC
  • SOC 2
  • ISO 27001
  • governance, risk, and compliance (GRC)
  • regulated environments

Tools & Technologies

  • dashboards
  • cybersecurity investment planning
  • tool selection
  • vendor evaluation
#J-18808-Ljbffr