Fractional Virtual CISO (vCISO)

Job

Forge Path

Norfolk, VA (In Person)

Full-Time

Posted 1 week ago (Updated 6 hours ago) • Actively hiring

Expires 6/29/2026

Job Description

Fractional Virtual CISO (vCISO) at Forge Path in Norfolk, Virginia. Posted 9 days ago.
Type: full-time
About the engagement

This is not a portfolio vCISO role. You will dedicate your hours to a single client, a regional CPA firm of about 350 people, and own their information security program end-to-end. The client's internal IT team handles operations; ForgePath owns security, and you are the senior face of that program.

The client values continuity and a close advisory relationship with their CISO. We are looking for someone who wants to go deep with one organization rather than rotate across many.

Responsibilities

- Own the client's information security strategy, roadmap, governance, and executive reporting
- Maintain and mature the firm's GLBA / FTC Safeguards Rule and HIPAA compliance posture
- Serve as the executive-level security voice to the CIO, CTIO, managing partners, and audit/risk committee
- Lead policy development, risk assessment, third-party risk, and incident response governance
- Provide principal-level technical advisory on architecture, tooling, and cloud security decisions, security and adjacent technology
- Partner with ForgePath delivery teams on tactical execution (pentest scoping, VM strategy, security tooling rollouts)
- Brief the client's leadership quarterly and on-demand for major events

Required

- 7+ years in information security leadership, including 3+ in a CISO, vCISO, or Director of Security capacity
- Direct experience supporting CPA firms or comparable professional services environments
- Working command of GLBA / FTC Safeguards Rule and HIPAA: applied, not just templated
- Strong technical foundation: you can engage substantively on cloud (Microsoft/Azure preferred), endpoint security, network security, and identity
- Executive presence: you can sit across from a managing partner and earn their trust quickly
- Willing and able to act as a principal technology advisor on decisions that extend beyond strict security scope

Preferred

- Active CISSP, CISM, or CCISO
- Prior in-house experience inside a public accounting firm's IT or risk organization
- Familiarity with SOC 2 and PCI in adjacent contexts

Compensation

- $125-$150/hour, 1099 contractor
- Approximately 20 hours per month, with rare months extending toward 40