Mexico Virtual CISO - Freelance

We are currently seeking a highly qualified and experienced cybersecurity professional to join our team. This position involves conducting evaluations primarily for clients in Latin America, with the possibility of some assessments in the United States.

Responsibilities and Requirements

Risk Framework Implementation: Participate in one-time implementation projects, with an estimated 7 hours per project duration.

DUTIES:

• Define, develop, and manage a testing program designed to oversee the design and effectiveness of IT and cyber controls
• Oversee implementation of risk management frameworks related to IT security and IT Risk
• Provide effective challenge to IT and Cyber security assessments executed
• Engaged in policy creation or enhancement focused on data management, data classification, enterprise data loss prevention, cloud data loss/cloud access security, data privacy
• Help define appropriate risk appetite limits associated with the technology environment, then help develop and oversee monitoring of appropriate KPIs across the technology environment.
• Oversee the framework for business continuity and disaster recovery. Participate where necessary in planning and/or test exercises

Reporting:

• Provide technology-based risk requirements/issues in non-technical terms to senior management.
• Oversee aggregated reporting of IT risks and issues
• Communicate information across various committees and working groups

Virtual CISO (vCISO) Contracts: Maintain monthly vCISO contracts, with a commitment of 5-15 hours per month.

Qualifications: 

• Privacy, Security and/or Third-Party Risk Management experience and/or relevant certifications such as IAPP CIPM, ISC2 CISSP are preferred with a CISA required
• Ability to translate business requirements into complete and deliverable specifications
• Project Management: Excellent organizational and project management and facilitation skills. Ability to prioritize and handle multiple concurrent projects. Ability to synthesize and analyze data from a variety of sources, identify issues, draw conclusions, and craft solutions
• Fluency in English: A C1 or C2 level of English fluency is required.
• Excellent interpersonal skills for interacting with/influencing cross-functional teams and gaining consensus. Strong listening and question-based knowledge-gathering skills.
• Location: The position is remote, but it is necessary to reside in Mexico, specifically in Mexico City, Oaxaca, Monterrey, Guadalajara, Merida, Tijuana, or Cancun.
• Must have over 5 years of cybersecurity consulting experience and direct experience with ISO27001, SOC 2 or PCI DSS compliance.
• Ability to offer advisory services on ISO27001, SOC2, PCI DSS, NIST CSF, NIST SP 800-53, HIPAA, and GDPR.

Compensation:

The hourly rate for this position is USD 100. We are seeking skilled professionals who are passionate about cybersecurity and eager to work in a challenging environment to contribute to the success of our projects.