Mexico Virtual CISO - Freelance
Mexico City, CDMX, Mexico
We are currently seeking a highly qualified and experienced cybersecurity professional to join our team. This position involves conducting evaluations primarily for clients in Latin America, with the possibility of some assessments in the United States.
Responsibilities and Requirements
Risk Framework Implementation: Participate in one-time implementation projects, with an estimated 7 hours per project duration.
DUTIES:
- Define, develop, and manage a testing program designed to oversee the design and effectiveness of IT and cyber controls
- Oversee implementation of risk management frameworks related to IT security and IT Risk
- Provide effective challenge to IT and Cyber security assessments executed
- Engaged in policy creation or enhancement focused on data management, data classification, enterprise data loss prevention, cloud data loss/cloud access security, data privacy
- Help define appropriate risk appetite limits associated with the technology environment, then help develop and oversee monitoring of appropriate KPIs across the technology environment.
- Oversee the framework for business continuity and disaster recovery. Participate where necessary in planning and/or test exercises
Reporting:
- Provide technology-based risk requirements/issues in non-technical terms to senior management.
- Oversee aggregated reporting of IT risks and issues
- Communicate information across various committees and working groups
Virtual CISO (vCISO) Contracts: Maintain monthly vCISO contracts, with a commitment of 5-15 hours per month.
Qualifications:
- Privacy, Security and/or Third-Party Risk Management experience and/or relevant certifications such as IAPP CIPM, ISC2 CISSP are preferred with a CISA required
- Ability to translate business requirements into complete and deliverable specifications
- Project Management: Excellent organizational and project management and facilitation skills. Ability to prioritize and handle multiple concurrent projects. Ability to synthesize and analyze data from a variety of sources, identify issues, draw conclusions, and craft solutions
- Fluency in English: A C1 or C2 level of English fluency is required.
- Excellent interpersonal skills for interacting with/influencing cross-functional teams and gaining consensus. Strong listening and question-based knowledge-gathering skills.
- Location: The position is remote, but it is necessary to reside in Mexico, specifically in Mexico City, Oaxaca, Monterrey, Guadalajara, Merida, Tijuana, or Cancun.
- Must have over 5 years of cybersecurity consulting experience and direct experience with ISO27001, SOC 2 or PCI DSS compliance.
- Ability to offer advisory services on ISO27001, SOC2, PCI DSS, NIST CSF, NIST SP 800-53, HIPAA, and GDPR.
Compensation:
The hourly rate for this position is USD 100. We are seeking skilled professionals who are passionate about cybersecurity and eager to work in a challenging environment to contribute to the success of our projects.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISA CISO CISSP Cloud Compliance GDPR HIPAA ISO 27001 KPIs Monitoring NIST NIST 800-53 PCI DSS Privacy Risk management Security assessment SOC SOC 2
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Cloud Security Architect jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Manager Pentest H/F jobs
- Open Security Operations Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Security Consultant jobs
- Open Senior Network Security Engineer jobs
- Open Senior Security Architect jobs
- Open Windows-related jobs
- Open Risk assessment-related jobs
- Open CISM-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DoD-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open DevOps-related jobs
- Open Splunk-related jobs
- Open IDS-related jobs
- Open APIs-related jobs
- Open IPS-related jobs
- Open Kubernetes-related jobs