Virtual CISO & Cybersecurity Practice Lead
Who We Are
Reputation Management Consultants (RMC) is an affiliated organization with a premier advisory firm specializing in reputation management and strategic consulting for mid-market companies and high-profile clients. We are launching a dedicated cybersecurity division to address a critical truth our clients face every day: a data breach is a reputation event. We're building an AI-powered cybersecurity practice from the ground up and are looking for a senior practitioner to lead it.
Position Overview
You will serve as the senior cybersecurity practitioner and virtual CISO to a growing portfolio of mid-market clients (typically $25M–$150M in revenue, 100–1,000 employees). You will own the full client lifecycle, from initial security risk assessments through ongoing advisory, compliance management, and incident response coordination.
Key Responsibilities
- Serve as the outsourced CISO for 8–12 clients, providing executive-level security leadership on a fractional basis
- Conduct security risk assessments, gap analyses, and penetration testing oversight for prospective and current clients
- Develop and maintain security programs, policies, and incident response plans tailored to each client's risk profile and regulatory environment
- Manage compliance frameworks including SOC 2, HIPAA, PCI-DSS, CCPA, NIST CSF, and CMMC
- Present security posture, risk exposure, and remediation roadmaps to boards of directors, C-suites, and audit committees in clear, business-oriented language
- Oversee and leverage AI-driven security tooling for vulnerability scanning, log analysis, threat detection, and compliance evidence collection
- Quarterback incident response when clients face active threats or breaches, coordinating forensics, legal, communications, and remediation
- Collaborate with RMC's reputation management team to deliver integrated crisis response when security events create reputational exposure
- Participate in business development — joining sales conversations, scoping engagements, and helping close new cybersecurity retainers
- Recruit, manage, and mentor junior analysts as the practice scales
- Build standardized methodologies, reporting templates, and delivery playbook
