Virtual Chief Information Security Officer – vCISO
Jobtailor –
Deutschland
Responsibilities
- Provide executive-level cybersecurity advisory services, including governance, risk management, and strategic planning
- Establish and maintain cybersecurity governance structures, roadmaps, and reporting cadence
- Lead enterprise risk management activities, including risk register development, tracking, and executive reporting
- Support compliance and framework alignment (NIST CSF, NIST SP 800-171, CMMC, SOC 2, ISO 27001 as applicable)
- Guide CMMC readiness efforts, including coordination of documentation, audit preparation, and assessment support
- Provide executive reporting, dashboards, and strategic recommendations to support decision-making
- Advise on security operations, vulnerability management, and incident response governance
- Support cybersecurity investment planning, tool selection, and vendor evaluation
- Facilitate communication across technical teams, leadership, and external stakeholders
- Collaborate with delivery teams (e.g., Cyber Analysts, Project Managers) to ensure coordinated execution
Requirements
- 10+ years of cybersecurity leadership experience (vCISO, CISO, or equivalent advisory role)
- Deep experience in governance, risk, and compliance (GRC) within regulated environments
- Strong working knowledge of NIST CSF, NIST SP 800-171, CMMC, and related frameworks
- Experience supporting audit readiness, compliance programs, and executive reporting
- Ability to translate technical risk into business-aligned recommendations
- Relevant certifications preferred (e.g., CISSP, CISM, CRISC, CCP)
Hard Skills
- cybersecurity advisory
- governance
- risk management
- strategic planning
- risk register development
- vulnerability management
- incident response governance
- audit preparation
- compliance programs
- executive reporting
Soft Skills
- communication
- collaboration
- leadership
- strategic recommendations
- decision-making
Certifications & Qualifications
- CISSP
- CISM
- CRISC
- CCP
Industry Keywords
- NIST CSF
- NIST SP 800-171
- CMMC
- SOC 2
- ISO 27001
- governance, risk, and compliance (GRC)
- regulated environments
Tools & Technologies
- dashboards
- cybersecurity investment planning
- tool selection
- vendor evaluation