About Us: At Kobalt.io, our mission is to solve cybersecurity for SMBs at scale. We believe small businesses are the engine behind innovation and growth. Understanding the challenges that our customers have enables us to design and refine scalable cybersecurity services that support a secure path to growth. This is reflected in everything we do from the programs we build to the partnerships we have developed with companies such as Vanta, Prescient and Sumo Logic.
Role Overview: As a vCISO, you will be a pivotal leader in our clients’ security journeys. You will act as a subject matter expert and trusted advisor, leveraging your deep security experience and interpersonal skills to drive long-term resilience and meaningful change within a portfolio of client organizations. Working alongside a collaborative team of peers, you will establish policies, perform gap assessments, and lead the development and execution of strategic security roadmaps. The ideal candidate will blend deep security experience with client soft skills, communication, planning, and an ability to drive change. The successful candidate must be located in the EST timezone.
Responsibilities:
- Strategic Advisory: Serve as the primary subject matter expert for a client portfolio to develop and implement tailored cybersecurity programs.
- Roadmap Leadership: Create security roadmaps and prioritize projects that address specific external customer risks.
- Executive Partnership: Act as a trusted advisor by providing regular, executive-level presentations on program progress and emerging security matters.
- Compliance Excellence: Guide clients through complex compliance requirements and leverage GRC platforms (such as Vanta) to accelerate their journey.
- Audit Readiness: Provide expert guidance to ensure clients are fully prepared for and supported through the compliance audit process.
- Risk Management: Proactively identify and classify risks through gap analyses, internal audits, tabletop simulations, and formal risk assessments.
- Collaborative Prioritization: Work with stakeholders to establish clear security priorities based on assessment findings.
- Operational Growth: Identify and implement process enhancements to improve service quality and help build technical skills across the internal consulting team.
- Team Collaboration: Partner with a multi-disciplinary team of cybersecurity experts and program managers.
- Business Opportunity: Identify opportunities for security projects and services that align with client needs for our sales team.
Qualifications:
- Industry Insight: A strong understanding of the constraints faced by small to medium technology companies, with the ability to advise on "right-sized" solutions.
- Professional Experience: 7+ years of experience in Security Technologies, Information Security, Business Resilience, Technology Risk, or related fields.
- Client Focus: A dedicated customer-first mindset.
- Technical Proficiency: Proven ability to perform gap analyses and risk assessments while guiding clients toward certification against standard frameworks.
- Communication: Ability to articulate secure best practices across people, process, and technology to both technical teams and executive stakeholders.
- Domain Expertise: A strong understanding of cybersecurity domains, including Security Operations (on-premise and cloud), Security Engineering, and Information Risk Management.
- Framework Knowledge: Experience with compliance standards and audit preparation (e.g., SOC2, ISO 27000 series, ISO 42001, PCI) and privacy frameworks (e.g., GDPR, HIPAA).
Nice to have:
- Operational understanding of networks, cloud systems, and software development.
- Active certifications such as CISSP, CISM, or cloud security certifications.
- Certifications from (ISC)2, ISACA, GIAC, or equivalent.
- Deep understanding of security architecture, forensics, and GRC.
- Experience in executing multi-stage projects over an extended period.
- Experience working with technology firms like SaaS B2B, HealthTech, or FinTech.
Benefits:
- Competitive salary and equity options
- Comprehensive health, dental, and vision insurance
- RRSP Matching
- Remote working and flexible work arrangements
- Professional development opportunities
- Fun and inclusive company culture
How We Use AI in Our Hiring Process: At Kobalt.io, we value transparency and want you to know exactly how we evaluate candidates.
AI Notetaking: We use an AI-powered meeting assistant in all interviews. This tool records, transcribes, and generates summaries of our conversation. This allows our interviewers to be fully present and engaged with you, rather than being distracted by taking manual notes.
Information Sharing: These summaries help us accurately share your qualifications and highlights with hiring managers and key stakeholders who may not be on the call.
Human-Led Decisions: While our AI tools may provide data points or candidate rankings, humans remain at the helm of our decision-making. We may use these insights as just one piece of information in our evaluation. Your potential is assessed by real people, and the final decision on who moves forward is always made by the hiring team
