Job Description
This is a Full Remote job; the offer is available from: Illinois (USA).

Description

You will serve as an enterprise-level Information Security SME, partnering with clients to assess their security posture and design proactive, tailored security and risk-management programs. As a trusted strategic advisor, you'll lead risk assessment initiatives, compliance modeling, policy development, and ongoing security strategy for a portfolio of clients.

Specific Responsibilities

• Own SMB vCISO engagements end-to-end across multiple verticals: scope, plan, execute, and deliver measurable security outcomes as the primary client security executive.
• Lead risk assessments (enterprise/IT/security): interviews, evidence validation, risk scoring, risk register creation, and prioritized remediation roadmaps.
• Drive compliance readiness for CMMC, PCI DSS, and HIPAA through gap analysis, control validation, evidence mapping, and audit-prep leadership.
• CMMC experience required: define boundaries and CUI scope, support SSP/POA&M development, validate implementation of required practices, and prepare clients for assessor interactions.
• Establish and mature core security controls (IAM/MFA/least privilege, endpoint/email security, vulnerability management, logging/monitoring, backup/DR testing).
• Run incident readiness and response governance: create/maintain IR plans, facilitate tabletop exercises, and provide executive leadership during incidents through lessons learned.
• Implement vendor/third-party risk management appropriate for SMBs: tiering, due diligence, and contract/security requirements for critical vendors.
• Maintain strong executive communication and cadence: recurring stakeholder meetings, clear status reporting, risk-based decision support, and coordination of internal/partner resources to close gaps.
• Mentor client technical resources and teams as needed.
• Regularly collaborate with Sales, SAMs, Solutions Architects, and Strategic Services on client alignment and solution development.
• Perform additional duties as assigned to support business objectives.

Requirements

Required Skills & Qualifications

• 10+ years in senior security roles (CISO, vCISO, Director of InfoSec) in client-facing or consultancy settings.
• Deep understanding of compliance frameworks and risk management methodologies.
• Proven ability to advise C-level executives and boards on security strategy.
• Strong governance, technical architecture, and incident response expertise.
• Experience managing multiple concurrent client engagements.
• Certifications such as CISSP, CISM, CISA, or CRISC required.
• Bachelor's degree in Information Security, Computer Science, or a related discipline.
• Valid driver's license and reliable form of transportation.

Physical Requirements

• Extensive desk/computer work and executive client presentations.
• Occasional travel to client locations (up to ~70%), requiring a valid driver's license and reliable transport.
• Sit for extended periods and use keyboard/mouse, phone, and office devices.
• Ability to lift up to 35 lbs (e.g. laptops, documentation).
• Enter confined spaces (e.g. server closet) for client assessments as needed.
• Clear verbal communication in a board, client, or executive setting; visual acuity for report creation and presentations.

Benefits

GROUP HEALTH INSURANCE: After a 30-day waiting period, full-time employees (who work at least 30 hours per week) and their dependents are eligible to enroll in health benefits utilizing the Cigna network. Health options include a choice of 2 PPO plans or a High Deductible Health Plan with employer contributions to a Health Savings Account (HSA). In addition, Dental benefits are available, as well as a Vision PPO plan utilizing the EyeMed network.

Proven also offers voluntary worksite benefits including critical illness, hospital indemnity, accident coverage, short-term disability insurance, supplemental life and pet insurance. Additional offerings include an employee discount program, home and auto insurance services, and commuter/transit FSA.

EMPLOYER PROVIDED LIFE/AD&D INSURANCE: After a 30-day waiting period, Proven IT provides a flat $25,000 Life Insurance benefit, administered by BlueCross BlueShield, to all full-time employees (who work at least 30 hours per week). Accidental Death & Dismemberment (AD&D) benefit payments are determined based on the type of loss incurred and are payable up to the full Life Insurance benefit amount. Life and AD&D Insurance coverage amounts are reduced at ages 65, 70 and 75.

EMPLOYER PROVIDED LTD: Long-Term Disability (LTD) insurance is an employer-provided benefit that provides protection from loss of income in the event that an employee is unable to work due to illness, injury, or accident for a long period of time. The elimination period is 90 days, and the maximum benefit is 60% of covered payroll up to $6000/month. This benefit is paid entirely by Proven IT and has no cost to the employee.

EMPLOYEE ASSISTANCE PROGRAM: