Fractional Chief Information Security Officer (CISO) – PART-TIME

Fractional Chief Information Security Officer (CISO) – PART-TIME

Mindtech is your gateway to exciting and impactful tech projects. We specialize in end-to-end software outsourcing, linking Latin American talent with global opportunities. Our fast, cost-effective approach ensures that our clients receive exceptional service and innovative solutions. With a diverse team of over 70 skilled professionals across Latin America and the US, we are committed to delivering software that drives success.

Position Overview:

We are seeking an experienced Fractional CISO to join our team on a part-time basis to enhance and maintain our security posture. The ideal candidate will have a strong background in information security, Microsoft Azure, and endpoint management. This role is ideal for a seasoned security professional looking to provide strategic and hands-on support in a flexible, fractional model.

Key Responsibilities:

1. Security Policy and Documentation Review

a. Evaluate and update existing security policies to ensure they align with best practices and regulatory standards.

b. Conduct regular reviews of security documentation to identify areas for improvement and implement adjustments as needed.

c. Ensure that all security documents are well-maintained, accessible, and up-to-date to support audit readiness and policy adherence.

2. Laptop and Endpoint Security Setup

a. Oversee the configuration and deployment of security settings on company laptops to ensure robust endpoint protection.

b. Implement and maintain security policies for laptop setup, including encryption, user permissions, access controls, and compliance monitoring.

c. Provide guidance and training as needed to ensure users understand and follow endpoint security protocols.

3. Microsoft Azure Policy Adherence

a. Develop and enforce security policies within Microsoft Azure to meet organizational and compliance requirements.

b. Conduct regular audits of Azure security configurations, identify potential gaps, and recommend enhancements.

c. Ensure proper configuration of Azure AD, access management, and identity protection to support a secure cloud environment.

4. Ongoing Security Oversight and Advisory

a. Act as the key advisor to the company’s leadership on information security best practices, compliance, and risk management.

b. Provide regular updates to stakeholders on security posture, emerging risks, and proactive measures to strengthen defenses.

c. Coordinate with IT and DevOps teams to integrate security requirements within IT operations and business applications.

5. Compliance and Risk Management

a. Support the organization in maintaining compliance with relevant industry standards and regulatory requirements.

b. Conduct periodic risk assessments and provide recommendations to mitigate identified risks.

c. Prepare documentation and evidence to support compliance initiatives and respond to security audits or regulatory reviews.

Desired Skills & Qualifications:

• Minimum of 8 years in information security, with a focus on policy review, endpoint management, and cloud security.
• Expertise in Microsoft Azure: Hands-on experience with Azure security configurations, identity management, and compliance policies.
• Certifications (preferred): CISSP, CISM, or Microsoft Certified: Security, Compliance, and Identity Fundamentals.
• Strong knowledge of endpoint security, risk management, and Microsoft security policies.
• Advanced English (C1)