Qureos


vCSO - Virtual Chief Security Officer

Lexington, United States

Description:

NetGain Technologies is a growth stage, premier technology provider in the Southeast and Midwest US. We are laser-focused on building our high-talent team so that we all get to collaborate with the most talented and value-driven teammates possible. If you value extreme ownership, continuous improvement, winning as a team, wowing clients, and putting your people first – read on to check out the opportunity to work with our exciting business.


Key Responsibilities

  • Cybersecurity Strategy Development: Assess organizational needs, design tailored information security strategies and ensure alignment with business objectives and industry best practices.
  • Risk Management: Lead risk assessments, vulnerability analyses, and threat modeling exercises to identify, analyze, prioritize, and mitigate organizational risks.
  • Policy and Procedure Development: Draft, review, and maintain security policies, standards, and procedures to ensure compliance with regulations and industry standards such as ISO 27001, NIST, HIPAA, PCI DSS, and GDPR.
  • Governance and Compliance: Guide the organization through regulatory and security compliance initiatives, conduct readiness assessments, and oversee internal and external audits.
  • Incident Response and Management: Develop, implement, and test incident response plans. Lead the investigation and remediation of security incidents and data breaches and coordinate post-incident analysis and reporting.
  • Security Awareness and Training: Design and deliver employee security awareness programs, phishing simulations, and ongoing training to foster a culture of cybersecurity resilience.
  • Third-Party Risk Management: Assess and manage risks associated with vendors, partners, and supply chain relationships. Conduct due diligence and security reviews of third-party providers.
  • Security Architecture Review: Evaluate existing and planned IT infrastructure, applications, and workflows to ensure robust security controls are integrated and maintained.
  • Budgeting and Resource Planning: Advise on security investments, budget allocations, and resource planning to ensure effective deployment of security technologies and personnel.
  • Executive and Board Reporting: Prepare and deliver regular briefings, dashboards, and reports on the organization’s cybersecurity posture, risk status, and compliance efforts to senior management and the board of directors.
  • Emerging Threat and Technology Monitoring: Continuously monitor the threat landscape, stay informed about emerging cyber risks, and recommend new technologies and controls as needed.


Key Competencies

  • Strategic Thinking: Ability to design and implement long-term cybersecurity strategies aligned with business objectives.
  • Analytical Skills: Adept at risk analysis, incident investigation, and root cause analysis.
  • Project Management: Skilled in managing multiple concurrent projects, prioritizing tasks, and ensuring timely delivery of security initiatives.
  • Problem-Solving: Resourceful in addressing complex security challenges and finding innovative solutions.
  • Stakeholder Engagement: Experienced in communicating with non-technical stakeholders, building consensus, and fostering a culture of collaboration.

Reporting Structure

  • The vCSO typically reports to the Director of Security or Technical Director of Security as the direct manager. They may also serve as the primary point of contact for external auditors, regulators, and incident response teams.


NetGain Technologies Overview

  • In business for over 40 years
  • Large regional business with 6 locations in Southeast/Midwest regions
  • Ranked 89th in the World by Managed Services Providers Mentor
  • Member of 35B association; offering service throughout the US
  • Professionally managed using Best in Class metrics and procedures
  • Distinguished as a SOC 2, Type II certified company

WHAT’S IN IT FOR ME?

  • Health, Dental, Vision Insurance
  • 100% Company-paid Disability Insurance/Life Insurance
  • Responsible Paid Time Off
  • 401K Matching
  • Paid Certification Training
  • LAN Parties
  • Team Building (camping, Breakout Games)
  • Monetary Tenure Recognition

If you have made it to the bottom of this job description and believe you have what it takes to join our team, please submit your resume.

Frequently cited statistics show that women and underrepresented groups apply to jobs only if they meet 100% of the qualifications. NetGain encourages you to break that statistic and to apply. No one ever meets 100% of the qualifications. We look forward to your application.

NetGain Technologies is an Equal Employment Opportunity (EEO) employer that is committed to a safe and drug-free workplace. NetGain performs pre-employment criminal background checks and substance abuse testing, which includes a urine drug test to detect the presence of illegal drugs. We appreciate your cooperation in keeping NetGain a safe and drug-free company.

Requirements:


Required Qualifications and Experience

  • Education: Bachelor’s or master’s degree in Computer Science, Cybersecurity, Information Systems, or a related field is preferred. Equivalent work experience may be considered.
  • Certifications: Relevant professional certifications are highly desirable, such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), or other industry-recognized credentials.
  • Professional Experience: 5+ years of progressive experience in cybersecurity, information security management, or related fields, with demonstrated success leading security initiatives and teams.
  • Consulting Experience: Prior experience providing vCSO or CISO consulting services is highly desirable.
  • Technical Knowledge: In-depth understanding of security frameworks, regulatory requirements, security architectures, and the management of cybersecurity tools and platforms.
  • Communication Skills: Exceptional verbal and written communication skills, with the ability to translate complex security concepts into business language for executive audiences.
  • Leadership and Influence: Proven experience as a strategic business partner, able to influence decision-making and drive organizational change.
