Virtual CISO

DOT Security • Mettawa, IL, US • 1d ago

Description

DOT Security leverages expert personnel, efficient processes, and effective technology to improve client cybersecurity through outstanding detection, response, risk management, and compliance services. DOT continuously improves internal processes and technology to enhance provided services and yield increased client resilience against cyberattacks.

DOT is seeking to fill the role of Virtual Chief Information Security Officer (vCISO). A vCISO acts as the client liaison for Managed Security services. The vCISO coordinates with the SOC team, client executive leadership, and client IT support to ensure excellent services are delivered.

The vCISO is not a remote position. The vCISO is required to be on-site at the DOT Security - Security Operations Center.

Responsibilities

Advise clients on cyber risks and recommend appropriate security training.
Align client cybersecurity strategies with IT and business goals.
Analyze cybersecurity policies, procedures, and controls, providing actionable feedback.
Assess and enhance the effectiveness of client cybersecurity measures.
Maintain and update Risk Registers with comments and next-touch dates.
Develop and deliver reports to inform client decision-makers about cyber risks.
Establish and maintain communication with client IT and executive stakeholders.
Monitor and report on telemetry status, coverage, and performance.
Share meaningful insights to improve client risk comprehension.
Track client maturity against CIS Control groups over time.
Identify and resolve security issues with urgency, setting realistic timeframes.
Follow through on priorities and set clear expectations.
Contribute to the development and improvement of policies, processes, and procedures.
Demonstrate active listening, critical thinking, and adaptability in a dynamic environment.
Stay informed about technology advancements and their cybersecurity implications.
Present technical concepts to non-technical audiences effectively.
Provide exceptional customer service while working under pressure.
Resolve issues early and document work in a ticketing system.

Things We Are Looking For

Knowledge/Skills/Abilities

Strong client relationship management, including listening, expectation setting, and results delivery.
Ability to interpret and apply feedback for process, product, and service improvement.
Expertise in policy, process, and procedure development and review.
Knowledge of project management principles and techniques.
Experience with risk assessment methodologies, scoring, and mitigation strategies.
Familiarity with supply chain risk management standards and best practices.
Ability to work independently and collaboratively in complex environments.
Adaptability to incomplete data and unprecedented situations.
Strong understanding of cybersecurity concepts related to assets, applications, data, networks, and users.
Clear, professional communication using various technologies and platforms.
Critical thinking, problem-solving, and customer service skills.
Ability to document and convey complex technical concepts and incidents.
Experience preparing and delivering reports, plans, and presentations.
Understanding of system administration, cybersecurity frameworks, and best practices.
Knowledge of system resiliency, redundancy, data backup, recovery, and business continuity.
Ethical hacking principles and a commitment to integrity and ethical practices