[Hiring] Virtual Chief Information Security Officer @Alluvionic

Role Description

Alluvionic is seeking an experienced Virtual Chief Information Security Officer (vCISO) to provide part-time, executive-level cybersecurity leadership to support multiple client engagements. This role is responsible for establishing and maturing cybersecurity governance programs, advising executive leadership on risk and compliance, and ensuring alignment with key frameworks such as NIST CSF, NIST SP 800-171, and CMMC.

The vCISO serves as a strategic advisor and program leader—bridging business objectives with cybersecurity priorities—while supporting both initial readiness efforts (e.g., CMMC certification) and ongoing program sustainment. This role is designed for a highly experienced cybersecurity professional capable of supporting multiple engagements concurrently with a structured, scalable delivery approach.

Must be US Citizen

Position: Contingent Upon Contract Award

This is a part-time executive advisory engagement (approximately 25-30 hours per month) for an initial 12-month period, with potential for extension.

Key Responsibilities

• Provide executive-level cybersecurity advisory services, including governance, risk management, and strategic planning
• Establish and maintain cybersecurity governance structures, roadmaps, and reporting cadence
• Lead enterprise risk management activities, including risk register development, tracking, and executive reporting
• Support compliance and framework alignment (NIST CSF, NIST SP 800-171, CMMC, SOC 2, ISO 27001 as applicable)
• Guide CMMC readiness efforts, including coordination of documentation, audit preparation, and assessment support
• Provide executive reporting, dashboards, and strategic recommendations to support decision-making
• Advise on security operations, vulnerability management, and incident response governance
• Support cybersecurity investment planning, tool selection, and vendor evaluation
• Facilitate communication across technical teams, leadership, and external stakeholders
• Collaborate with delivery teams (e.g., Cyber Analysts, Project Managers) to ensure coordinated execution

Qualifications

• 10+ years of cybersecurity leadership experience (vCISO, CISO, or equivalent advisory role)
• Deep experience in governance, risk, and compliance (GRC) within regulated environments
• Strong working knowledge of NIST CSF, NIST SP 800-171, CMMC, and related frameworks
• Experience supporting audit readiness, compliance programs, and executive reporting
• Ability to translate technical risk into business-aligned recommendations
• Relevant certifications preferred (e.g., CISSP, CISM, CRISC, CCP)

Additional Information

This engagement is structured as a 1099 independent consultant role. The consultant must be able to operate independently, provide strategic executive guidance, and engage effectively with senior leadership in a highly regulated cybersecurity environment.

Company Description

Alluvionic is a woman-owned, 8(a) certified solutions provider of project management and process improvement services. We offer a wide range of products and services including extensive enterprise Process Improvement, CMMI (Capability Maturity Model Integration), CMMC (Cybersecurity Maturity Model Certification), PMO (Project Management Office), and ERP (Enterprise Resource Planning) implementations for clients in various industries, providing Project Assurance® for every project.

We pride ourselves in being a Registered Provider Organization (RPO) with the CMMC Accreditation Body.

What it’s like to work at Alluvionic:

• Being surrounded by helpful and brilliant people who want to support your career growth
• A company that puts people first and helps you get where you want to go
• Owning mistakes, fixing them, and improving processes
• Working hard while also having fun, especially at happy hour
• Living by company values of Family, Integrity, Professionalism, Innovation, Forward-Progress, Organization, and Communication

Alluvionic is an authorized DoD SkillBridge Partner Organization. The DoD SkillBridge program is an opportunity for servicemen & servicewomen to complete an internship during the last 180 days of service to gain valuable civilian career experience.