Senior Information Security Consultant // vCISO // Significant Hands on Security Experience

---

---

Large, global organization seeks a senior IT security consultant. Through rapid growth and numerous acquisitions, our company has evolved into a complex network of systems and policies across multiple entities. As a result, our security posture today is decentralized, inconsistent, and in need of transformation. We are seeking a highly experienced, technically hands-on Head of Information Security (contractor) to take full ownership of our security strategy and execution. You will assess our current environment, identify and prioritize risk, and drive the design and implementation of a unified, comprehensive, and mature security framework across our enterprise. This is a senior, leadership-level contractor role—ideal for someone who thrives in complexity and has a strong track record of building enterprise-grade security programs from the ground up. Your Mission: To take our patchwork security environment—currently a result of years of decentralized growth—and build a cohesive, consistent, and scalable security program that protects our people, data, infrastructure, and customers. Key Responsibilities: Security Leadership & Strategy o Serve as the de facto Head of Information Security. o Own, define, and drive a unified security vision and roadmap across all business units. o Collaborate with IT, Engineering, Compliance, Legal, and Executive Leadership. Risk Assessment & Program Development o Conduct enterprise-wide risk assessments. o Identify and prioritize critical security gaps and design remediation strategies. o Establish and maintain a robust security framework covering network, data, systems, users, and third parties. Network & Endpoint Security o Evaluate and secure complex, multi-region network environments. o Configure and optimize routers, firewalls, and firewall rules across entities. o Implement endpoint protection strategies (EDR, antivirus, encryption). Encryption & Access Control o Deploy and enforce data encryption standards (e.g., BitLocker) across laptops and endpoints. o Overhaul access control strategies, including the use of YubiKeys, identity verification, and physical security measures. Monitoring, Detection & Response o Design and implement real-time monitoring and incident response processes. o Deploy and operationalize EDR solutions (e.g., CrowdStrike). o Leverage tools like Darktrace to identify and respond to threats proactively. Vendor & Third-Party Risk Management o Establish risk management practices for external vendors and third-party integrations. Employee Awareness & Training o Develop and roll out employee security training and awareness programs across regions. Continuous Improvement o Create metrics and KPIs to measure progress and maintain accountability. o Continuously monitor, report, and refine the security program. Key Tools & Technologies: • CrowdStrike EDR • Darktrace • Firewalls (Fortinet, Palo Alto, or similar) • BitLocker or equivalent disk encryption • YubiKey and MFA tools • Network monitoring and SIEM solutions • Physical access control systems Who You Are: • A seasoned security leader with 15+ years of experience in information security, risk management, and enterprise architecture. • Deep technical knowledge of network security, endpoint protection, encryption, and access control. • Hands-on experience securing multi-entity, multi-country environments post-acquisition. • Strong track record implementing security tools, processes, and governance from the ground up. • Experience leading security assessments and designing scalable, standardized programs across fragmented environments. • Comfortable working independently, building structure where there is none, and owning security end-to-end. • Excellent communication skills with the ability to engage stakeholders at all levels. To Apply: Please include the following in your application: • A brief cover letter summarizing your experience with similar security transformations. • Examples of past projects where you've led end-to-end security implementations. • Your availability and expected hourly rate. You must be US-based, and this will be verified. All company meetings are conducted with camera on -- please ensure this works for you. Finally, please do not use ChatGPT or any other LLM to respond to this ad (it's painfully obvious.)

Keyword: Business Consulting

Price: $85.0

Cybersecurity Management Incident Response Plan Information Security Firewall Security Analysis Penetration Testing Security Infrastructure Encryption Internet Security Network Security