Virtual Chief Information Security Officer (vCISO)
Fully Remote
Description

POSITION SUMMARY

As a vCISO, you will play a critical role in ensuring the security of our organization's systems and infrastructure. You will be responsible for supporting governance initiatives, assessing and managing risks, ensuring compliance with relevant regulations and standards, and providing technical expertise to enhance system security engineering. Additionally, you will support responsibilities related to SOC 2 Type II, HIPAA, and PCI compliance audits while ensuring the security of systems and infrastructure through strategic oversight.

Requirements

  

RESPONSIBILITIES AND DUTIES

1. Governance, Risk, and Compliance (GRC):

· Assist in the development, implementation, and maintenance of effective cyber security policies, procedures, and standards.

· Support governance initiatives by establishing and maintaining security frameworks, controls, and documentation.

· Conduct risk assessments and work closely with stakeholders to identify, analyze, and mitigate potential security risks.

· Ensure compliance with relevant regulatory requirements, industry standards, and best practices.

· Assist in preparing for and participating in security audits and assessments.

2. System Security Engineering:

· Collaborate with cross-functional teams to incorporate security controls and requirements into system design and development processes.

· Conduct security architecture reviews and provide technical guidance to ensure the implementation of robust security measures.

· Perform security assessments and penetration testing on systems, networks, and applications.

· Identify vulnerabilities, analyze security flaws, and recommend remediation strategies.

· Stay updated with emerging threats, vulnerabilities, and security technologies to enhance system security engineering practices.

3. Incident Response and Security Monitoring:

· Contribute to the development and testing of incident response plans and procedures.

· Participate in security incident investigations, root cause analysis, and remediation efforts.

· Collaborate with the incident response team to implement proactive security monitoring and threat detection measures.

· Assist in the deployment and management of security monitoring tools and technologies.

QUALIFICATIONS

  • Bachelor’s degree in Computer Science, Information Technology, or a related field.
  • Proven experience as a Cyber Security Engineer, Security Analyst, or a similar role.
  • Strong understanding of cyber security principles, risk management methodologies, and compliance frameworks.
  • In-depth knowledge of security technologies, including firewalls, intrusion detection/prevention systems, SIEM, and vulnerability scanning tools.
  • Familiarity with regulatory requirements (e.g., GDPR, HIPAA), industry standards (e.g., NIST, ISO 27001), and frameworks (e.g., COBIT, ITIL).
  • Experience working with and interpreting cyber security frameworks (e.g., NIST CSF, HIPAA HITRUST, CIS20, CSA CSF).
  • Experience in system security engineering, secure software development, or secure system design.
  • Proficiency in conducting security assessments and vulnerability management.
  • Familiarity with incident response processes and security monitoring practices.
  • Excellent problem-solving and analytical skills.
  • Strong communication and collaboration abilities.
  • Relevant certifications such as CISSP, CISM, CASP+, or GIAC are highly desirable.

HOURS & SCHEDULE

This position is primarily business hours (Monday-Friday 8am – 5pm EST) with occasional after-hours work for incident troubleshooting or project work. All engineers are part of an on-call rotation and may have issues escalated to them off hours.
 

WORK PERKS

  • 100% permanently remote position with no plans to return to an office  
  • Extensive paid time off including paid holidays and float holidays  
  • Highly competitive and flexible medical, dental, and vision benefits plans to suit your needs  
  • 401(k) with generous employer match  
  • Tailored Life and Disability insurance plans  
  • Full reimbursement for approved professional certification and career enriching opportunities  
  • Monthly mobile phone plan and internet service stipend
     

WHAT WE DO

Magna5 is a rapidly growing IT Managed Service Provider delivering cybersecurity, private and public cloud hosting, backup and disaster recovery, and other advanced services to customers nationwide, from mid-market to enterprise, including leaders within the education, healthcare, government, financial services, manufacturing, and other industry segments. We integrate advancements in technology and processes to drive businesses forward. As a trusted managed services provider, we bring together the right mix of managed IT services, security, and network connectivity, fully managed by our team of experts 24/7/365. Our passion is to help companies function better, faster, and smarter. We offer an exciting and collaborative environment with growth potential. For more information, visit our website at http://www.magna5.com/