Field Virtual Chief Information Security Officer (vCISO)
Little Rock, AR
Full Time
Manager/Supervisor
Field Virtual Chief Information Security Officer (vCISO)
This position has an onsite component, and applicants must already reside in the central Arkansas area. Relocation will not be provided.
PURPOSE:
A Field vCISO’s primary purpose is to function as a trusted advisor to strategically improve the cybersecurity posture of Ascend clients. Field vCISOs integrate into our client organizations to manage and improve comprehensive cybersecurity programs for mid-market clients based on established frameworks such as NIST CSF, CIS Controls, HIPAA, and more.
Weekly or monthly meetings are held to present data gathered from our various solutions to demonstrate the efficacy of Ascend’s cybersecurity services to client stakeholders and highlight advancement toward the client’s desired maturity. Quarterly presentations to client C-suite or Board of Directors may be required. Completion of security questionnaires, review of vulnerability reports, pen test reports, risk assessments, research on non-Ascend products/services, and communication of strategy for emerging threats or business requirements are all provided to our clients by their vCISO.
Excellent communication and presentation skills are important to help make complex cybersecurity concepts clear and relatable to non-technical audiences across a multitude of industries.
RESPONSIBILITIES:
MINIMUM SKILLS, EDUCATION AND EXPERIENCE
PREFERRED SKILLS, EDUCATION AND EXPERIENCE
The salary for this position is commensurate with experience, skills, and qualifications. The range is intended to reflect our commitment to attracting top talent, and the final offer will be based on factors including, but not limited to, the candidate's previous experience, expertise in the field, relevant certifications, and the specific requirements of the role. In addition, internal equity, market trends, and geographic location may also influence the final salary.
Along with a competitive salary, we offer a comprehensive benefits package, including health, dental, and vision insurance, retirement savings options, flexible time off (FTO), and professional development opportunities. We are open to discussing compensation and benefits further during the interview process to ensure alignment with the candidate’s expectations and experience.
At Ascend Technologies we firmly believe that diversity, equity, and inclusion are not only fundamental values but also powerful drivers of innovation, growth, and success. We are committed to fostering an environment where every individual feels valued, respected, and empowered.
CORE VALUES
We are seeking highly motivated individuals who have the willingness and ability to demonstrate Ascend core values:
PHYSICAL DEMANDS:
Must be able to sit, stand, and bend for the duration of shift. The position is mainly sitting, with occasional lifting up to 50 lbs, such as laptop, server equipment, and, driving to the work site to meet with client(s).
This position has an onsite component, and applicants must already reside in the central Arkansas area. Relocation will not be provided.
PURPOSE:
A Field vCISO’s primary purpose is to function as a trusted advisor to strategically improve the cybersecurity posture of Ascend clients. Field vCISOs integrate into our client organizations to manage and improve comprehensive cybersecurity programs for mid-market clients based on established frameworks such as NIST CSF, CIS Controls, HIPAA, and more.
Weekly or monthly meetings are held to present data gathered from our various solutions to demonstrate the efficacy of Ascend’s cybersecurity services to client stakeholders and highlight advancement toward the client’s desired maturity. Quarterly presentations to client C-suite or Board of Directors may be required. Completion of security questionnaires, review of vulnerability reports, pen test reports, risk assessments, research on non-Ascend products/services, and communication of strategy for emerging threats or business requirements are all provided to our clients by their vCISO.
Excellent communication and presentation skills are important to help make complex cybersecurity concepts clear and relatable to non-technical audiences across a multitude of industries.
RESPONSIBILITIES:
Serve as the primary contact for client information security programs, interfacing with executive teams and business leaders in person at the client’s headquarters.
- Develop custom cybersecurity programs and drive cybersecurity initiatives that support regulatory requirements, risk appetite, budget targets, and desired outcomes.
- Leads monthly, quarterly, and annual presentations of risk management initiatives among client technical resources, key stakeholders, senior management, and board of directors.
- Review status of security services via regular reports to identify areas in need of attention by Ascend, and present findings to client stakeholders.
- Guide client infosec strategy for addressing gaps and implementing controls found in their desired security framework.
- Manage and measure clients’ security and/or compliance programs.
- Understand compliance and controls to help guide clients' efforts to fully address their requirements and gather evidence in preparation for audit.
- Draft and implement security policies for client organizations.
- Conducts third-party risk assessments to identify technical, operational, and compliance risks and recommend risk reduction strategies.
- Work with the Ascend Cybersecurity Leadership to identify Ascend services required to address security needs of clients.
- Oversees the delivery of cybersecurity engineering services such as vulnerability management, endpoint protection, privilege and identity management, network security, etc.
- Facilitate change, knowledge, and team understanding of the client environment and needs as priorities shift.
- Actively monitors evolving threats and compliance changes and communicates findings to both Ascend and client stakeholders.
- Leads cybersecurity training and tabletop exercises.
- Other Responsibilities as assigned by management.
MINIMUM SKILLS, EDUCATION AND EXPERIENCE
- 5+ years leading information security programs and initiatives and implementing cybersecurity controls to mitigate regulatory and cybersecurity risks.
- 5+ Years experience in cybersecurity, and framework alignment (CMMC, DFARS, NIST 800-171, NIST CSF, HIPAA, FDIC, GLBA, ISO 27001/2, CIS, etc.).
- 5+ Years of strong working knowledge of system, application, network, cloud, and data security best practices.
- Experience preparing for compliance audits including one or more of the following SOC2, CMMC, FDIC, or HITRUST.
- One or more of the following certifications: CISSP, CISA, CISM, CRISC, GLSC, GSTRT, or equivalent.
- BA/BS degree or an equivalent combination of education and experience – preferably advanced degree in related field.
- Demonstrable track record of accomplishment and success.
- Excellent problem solving, decision-making, communication and team building skills.
- Proven experience with engaging executive level leadership to influence and provide strategic insight.
PREFERRED SKILLS, EDUCATION AND EXPERIENCE
- Preferred experience as a Cybersecurity or Compliance manager.
- Experience working through growth phases, acquisition changes, for mid-market organizations or small businesses as they transitioned to mid-market.
- Industry Specialized Certifications for HIPAA, HITRUST, etc.
- Working knowledge of Threat Protection, SIEM, SOC, EDR Platforms, Privilege and Identity Management Platforms.
The salary for this position is commensurate with experience, skills, and qualifications. The range is intended to reflect our commitment to attracting top talent, and the final offer will be based on factors including, but not limited to, the candidate's previous experience, expertise in the field, relevant certifications, and the specific requirements of the role. In addition, internal equity, market trends, and geographic location may also influence the final salary.
Along with a competitive salary, we offer a comprehensive benefits package, including health, dental, and vision insurance, retirement savings options, flexible time off (FTO), and professional development opportunities. We are open to discussing compensation and benefits further during the interview process to ensure alignment with the candidate’s expectations and experience.
At Ascend Technologies we firmly believe that diversity, equity, and inclusion are not only fundamental values but also powerful drivers of innovation, growth, and success. We are committed to fostering an environment where every individual feels valued, respected, and empowered.
CORE VALUES
We are seeking highly motivated individuals who have the willingness and ability to demonstrate Ascend core values:
- Committed to Client Success: Our actions and our words always align with the best interest of the client.
- One Team: We work collaboratively to overcome challenges with humility and respect and do what it takes to find innovative solutions.
- Integrity: We are unquestionably committed to doing the right thing even when it is hard.
- Accountability: We hold ourselves and each other accountable for keeping our commitments to our clients, our communities, and one another.
- Transparency: We create open lines of communication with each other and our clients, fostering relationships founded on candor and trust.
PHYSICAL DEMANDS:
Must be able to sit, stand, and bend for the duration of shift. The position is mainly sitting, with occasional lifting up to 50 lbs, such as laptop, server equipment, and, driving to the work site to meet with client(s).
Apply for this position
Required*