Job Title: Virtual Part-Time Chief Information Security Officer (CISO)
Location: Fully Remote (Must have a working computer and secure internet connection)
Position Type: Part-Time (15–20 hours/week)
Reports To: Chief Executive Officer (CEO)
Compensation: $45,000–$75,000 annually (commensurate with experience)
Application Deadline: Rolling
About Our Organization
We are a mission-driven non-profit dedicated to advancing holistic family well-being, with a focus on uplifting Black, Indigenous, and People of Color (BIPOC) communities. Our work includes providing resources, advocacy, and direct services to empower families through culturally responsive programs.
Role Overview
We seek an entry-level Virtual Part-Time CISO (2–5 years of experience) to safeguard our digital infrastructure and sensitive data. This role will focus on mitigating phishing risks, securing Microsoft 365 environments, and implementing cost-effective security strategies aligned with our non-profit mission.
Key Responsibilities
Strategic Cybersecurity Leadership
Develop and execute a 12-month security roadmap prioritizing phishing defense and Microsoft 365 protection.
Align security initiatives with organizational goals, such as securing donor databases and telehealth platforms for underserved communities.
Phishing Mitigation & Incident Response
Deploy Microsoft Defender for Office 365 to detect/quarantine phishing emails.
Conduct monthly simulated phishing campaigns (e.g., mock grant opportunity scams) and train staff using CISA guidelines.
Lead incident response for breaches, including containment protocols for compromised accounts.
Microsoft-Centric Security Operations
Harden Microsoft 365: Enforce Entra ID MFA, disable legacy protocols, and apply Purview encryption to sensitive files.
Audit third-party tools (e.g., fundraising software) for compliance with Microsoft Secure Score benchmarks.
Compliance & Training
Ensure adherence to state privacy laws and IRS cybersecurity disclosure requirements.
Create multilingual training materials (e.g., Spanish, Haitian Creole) for remote staff and volunteers.
Qualifications
Required
2–5 years of hands-on cybersecurity experience, including phishing response and Microsoft 365 administration.
Proficiency in NIST CSF or ISO 27001 frameworks tailored to non-profit budgets.
Strong communication skills to translate technical risks into mission-impact terms.
Preferred
Bachelor's degree.
Certifications: Microsoft SC-200/SC-900, CompTIA Security+, or Certified Ethical Hacker (CEH).
Non-profit/social services experience, particularly with BIPOC communities.
Work Environment
Remote Setup: Must provide own computer.
Collaboration: Biweekly strategy meetings with CEO, monthly syncs with IT volunteers.
Flexibility: Hours adjustable around critical fundraising/outreach periods.
DEI Commitment
We prioritize candidates who:
Understand cultural nuances in securing data for marginalized communities.
Can design accessible training (e.g., visual guides for staff with limited tech literacy).
How to Apply
Submit the following to email by date:
1. Resume highlighting Microsoft 365 security experience.
2. Brief cover letter explaining your approach to phishing mitigation in non-profits.
3. Example of a security policy you’ve implemented (1 page max).
Equal Opportunity Employer
We celebrate diversity and encourage applicants from BIPOC, LGBTQ+, and disability communities. No relocation required.
This job description integrates mission alignment, technical specificity, and DEI priorities to attract candidates capable of balancing security rigor with non-profit resource constraints.