Virtual Chief Information Security Officer (vCISO) - MD

remote, MD

Position Summary 

A leading provider of advanced IT consulting services, is seeking a highly experienced Virtual Chief Information Security Officer (vCISO) to support one of our higher education clients. This is a remote, part-time consulting role requiring approximately 20 hours per week, with potential for additional hours during cybersecurity incidents. The vCISO will serve as a strategic advisor and hands-on security leader, supporting our client in strengthening their cybersecurity program, enhancing regulatory compliance, and managing cyber risk. 

Essential Duties and Responsibilities

  • Conduct detailed cybersecurity risk assessments, including analysis of current security controls, vulnerabilities, and threat landscape
  • Lead compliance efforts under the Gramm-Leach-Bliley Act (GLBA), serving as the Qualified Individual (QI) to report to executive leadership
  • Update and implement cybersecurity policies: Incident Response, Vendor Management, Data & Asset Management, and more
  • Provide oversight and strategic direction for incident response, including breach containment, investigation, post-incident review, and reporting
  • Guide the adoption of security frameworks (e.g., CIS Critical Security Controls), Zero Trust Architecture, and Cloud Security Posture Management
  • Support third-party risk evaluations using HECVAT and strengthen vendor security oversight
  • Provide monthly reports, dashboards, and executive briefings on security KPIs/KRIs
  • Review and improve security awareness training, conduct tabletop exercises, and advise on cyber insurance preparedness

Knowledge, Skills and Abilities

  • Strong understanding of GLBA, FERPA, HIPAA, and Maryland/state privacy regulations
  • Excellent communication skills with ability to present to executive and board-level stakeholders
  • Ability to work independently as a strategic consultant while collaborating with client teams

Education & Experience

  • Bachelor's degree in Cybersecurity, IT, Computer Science, or a related field (Master's preferred)
  • 7–10+ years of experience in IT security, including leadership in CISO or equivalent roles
  • At least one of the following certifications (current):
    • CISSP (Certified Information Systems Security Professional)
    • CISM (Certified Information Security Manager) 
    • CISA (Certified Information Systems Auditor)
  • Experience with frameworks such as CIS, NIST, ISO, and cloud platforms like Microsoft 365, AWS, or Azure

Get Updates

Are you interested in hearing about new opportunities at Vensure Employer Solutions in real time? Enter your email address to be notified automatically when new positions are posted.