Phoenix's small and mid-sized businesses face the same cybersecurity threats as the Fortune 500 but with a fraction of the resources. cloudIT bridges that gap. We are a growing Technology Service Provider built on the belief that every business deserves enterprise-grade security expertise, regardless of size. We are looking for a strategic, people-first vCISO to champion that mission across our client base.
About the Role As a vCISO at cloudIT, you will serve as a fractional security leader for a portfolio of clients who do not have and cannot afford a full-time CISO. You will work from our Phoenix office, managing multiple client relationships simultaneously, building practical security programs around cloudIT's proven security stack. This role is equal parts strategist, communicator, and trusted advisor.
What You Will Do Security Strategy and Leadership | • | Develop and own practical, business-aligned security roadmaps built on cloudIT's security stack | | • | Present security posture updates to IT leaders and business owners in clear, actionable terms | | • | Track emerging threats and regulatory shifts across healthcare, real estate, financial services, and construction |
Risk Management | • | Conduct risk and vulnerability assessments calibrated to client environments | | • | Prioritize remediation based on business impact, not just severity scores | | • | Build realistic risk treatment plans clients can actually execute |
Compliance and Governance | • | Guide clients through HIPAA, PCI-DSS, CMMC, NIST CSF, and other relevant frameworks | | • | Develop right-sized policies and procedures that are actionable, not shelf-ware | | • | Conduct periodic audits and gap assessments using cloudIT's toolset |
Incident Response and Management | • | Build and test incident response plans suited to SMB realities | | • | Lead response coordination during incidents, keeping stakeholders informed | | • | Drive post-incident improvements supported by cloudIT's monitoring capabilities |
Security Stack Adoption and Technical Oversight | • | Champion cloudIT's stack including MDR, SIEM, endpoint protection, MFA, and cloud security controls | | • | Ensure solutions are implemented correctly and delivering measurable value | | • | Assess third-party vendor risk and guide secure procurement decisions |
Client Relationship Management | • | Manage a portfolio of clients, engaging at the right level for each organization | | • | Show up as a trusted partner by proactively communicating risks and celebrating wins | | • | Translate complex security concepts into plain language across industries and experience levels |
What You Bring | • | 5+ years in information security, with at least 2 years in a leadership or advisory capacity | | • | Ability to engage effectively with both IT leaders and non-technical business owners | | • | Comfort managing multiple client engagements with competing priorities | | • | Experience working with or for an MSP or TSP is a strong plus |
Preferred Certifications Framework Knowledge | NIST CSF | ISO 27001 | HIPAA | PCI-DSS | CMMC |
What We Offer | Health Benefits | Medical, dental, and vision | | Retirement | 401(k) with company match | | Professional Development | Certification sponsorship and continuing education |
Ready to elevate security for Phoenix's businesses? If you want to be part of a team that is genuinely changing how businesses think about security, we want to hear from you. |
|
