Senior Virtual CISO (vCISO)– GRC Advisor

About us: RKON is an ISO27001 and AICPA SOC 2 Type II certified company that specializes in providing IT migration and transformation services for the Mergers and Acquisitions market. RKON was recently recognized as one of the 100 best places to work in IT, highlighting our competitive advantage of empowering thought leaders and providing cutting-edge solutions for the fast-paced industry of private equity. RKON is looking for ambitious professionals to join our award-winning team. We have a proven track record for finding and developing top talent with people that believe they can achieve something greater. We also pride ourselves on fostering an environment where initiative, creative thinking, and collaboration are encouraged and rewarded—a key reason for the extraordinary level of service we deliver to our customers. RKON does not accept unsolicited resumes from staffing agencies, search firms or any third parties. About the position: The Senior vCISO Advisor serves as a fractional Chief Information Security Officer for multiple client organizations, providing executive-level security leadership, enterprise risk governance, and compliance oversight, independent of any managed IT provider. The Senior vCISO is backed by a broader Security Advisory team including analysts, GRC specialists, offensive security testers, and other senior advisors.

Responsibilities

Include:

• Serve as the primary security executive advisor to client leadership and boards.
• Define and maintain security strategy, multi-year roadmaps, and risk priorities, aligned to NIST-based risk management practices.
• Own enterprise risk programs, including risk registers, treatment decisions, and maturity tracking.
• Lead audit and compliance readiness across common security and compliance frameworks.
• Govern incident response programs, including IR plans, tabletop exercises, and executive coordination during active incidents.
• Oversee client GRC platforms as the system of record for risk, controls, policies, vendors, and audit evidence.
• Lead vendor and service-provider risk management, including cyber insurance and customer security reviews.
• Manage multiple concurrent vCISO engagements while maintaining delivery quality, executive credibility, and client trust.
• Direct, review, and assure work performed by analysts, specialists, and other advisors in support of client objectives.

Required Technical and Professional Expertise

• 10+ years in information security, GRC, audit, or security program leadership.
• Demonstrated experience functioning as a vCISO, CISO, or senior CISO advisor.
• Deep hands-on experience with enterprise security and compliance frameworks including NIST.
• Proven ability to:
• Operate at the executive and board level
• Translate security risk into business and financial impact
• Advise client leadership in making risk acceptance, prioritization, and investment decisions
• Demonstrated leadership in:
• Incident response governance
• Third-party and service-provider risk
• Experience managing multiple clients in parallel.

Preferred Technical and Professional Expertise

• Microsoft data governance and information protection, including Purview, sensitivity labels, DLP, and records management.
• Cloud security governance across Azure, AWS, and SaaS platforms.
• Privacy engineering and data protection operations supporting global privacy programs.
• Identity and access governance, including privileged access management and zero trust strategies.
• Cyber insurance readiness and claims advisory.
• M&A cyber due diligence and post-close security integration.
• Business continuity and disaster recovery governance and tabletop facilitation.
• Security metrics, KRIs, and board-level reporting.
• Regulatory change management and policy modernization.
• Industry-related certifications: CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor or Lead Implementor

Compensation: The base salary range for this position is $185,000-$205,000. This is an estimated range based on the circumstances at the time of posting, however, may change based on a combination of factors, including but not limited to skills, experience, education, market factors, geographical location, budget, and demand. This position is also eligible for a bonus component that would be dependent on pre-defined performance factors. As part of our total compensation package, RKON provides a benefits package that includes health insurance (medical, dental, vision, life, and long and short-term disability insurance); flexible time off; and a 401(k) Plan with employer match to qualifying employees. All compensation determinations are based on the skills and experience required for the position and commensurate with experience of selected individuals, which may vary above and below the stated amounts. Apply tot his job Apply To this Job