2

Remote Ciso Jobs (NOW HIRING)

Security Architect - Consultant 9309

Raleigh, NC · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

Security Architect - Consultant 9309

Miami, FL · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

Security Architect - Consultant 9309

New York, NY · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

Security Architect - Consultant 9309

Trenton, NJ · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

Security Architect - Consultant 9309

East Rutherford, NJ · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

Security Architect - Consultant 9309

Harrisburg, PA · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

Security Architect - Consultant 9309

Philadelphia, PA · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

Security Architect - Consultant 9309

Tallahassee, FL · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

Security Architect - Consultant 9309

New York, NY · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

Security Architect - Consultant 9309

Pittsburgh, PA · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

Security Architect - Consultant 9309

Richmond, VA · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

Security Architect - Consultant 9309

Austin, TX · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

Security Architect - Consultant 9309

Columbus, OH · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

Security Architect - Consultant 9309

Atlanta, GA · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

Security Architect - Consultant 9309

Washington, DC · Remote

$66.50 - $86/hr

* Location: 100% Remote. -Security Architect - Consultant 9309 . Employment Type: W2 Only (No ... CISA, CISO or equivalent advanced security certification. Additional relevant certifications ...

next page

Showing results 1-20

Remote Ciso information

See salary details

$70K

$148.7K

$232.5K

How much do remote ciso jobs pay per year?

As of Jul 17, 2026, the average yearly pay for remote ciso in the United States is $148,746.00, according to ZipRecruiter salary data. Most workers in this role earn between $118,000.00 and $167,500.00 per year, depending on experience, location, and employer.

What are some common challenges faced by a Remote CISO, and how can they be addressed?

A Remote CISO often faces the challenge of coordinating information security initiatives and incident responses across distributed teams with varying time zones and communication styles. To overcome these obstacles, successful Remote CISOs implement clear security policies, leverage collaborative technologies, and establish regular communication routines with IT and business units. Building strong relationships virtually and ensuring ongoing visibility into the organization’s security posture are also key to mitigating risks. Additionally, staying updated with emerging threats and compliance requirements is crucial for maintaining an adaptive and effective security program. By proactively addressing these challenges, Remote CISOs can foster a culture of security and ensure robust protection regardless of team location.

Can you make $500,000 a year in cyber security?

A remote CISO or senior cybersecurity executive can potentially earn $500,000 or more annually, especially with extensive experience, certifications like CISSP or CISM, and working for large organizations or consulting firms. Compensation varies based on industry, company size, and individual expertise, with top-tier professionals often reaching or exceeding this level. High salaries are typically associated with leadership roles, strategic responsibilities, and specialized skills in cybersecurity management and risk mitigation.

Can a CISO work remotely?

A remote Chief Information Security Officer (CISO) can perform their duties from outside a traditional office environment, leveraging digital communication tools and security platforms. Many organizations now allow CISOs to work remotely, especially with experience in cybersecurity management, risk assessment, and strategic planning, though some roles may require on-site presence for certain activities or meetings.

How much does a virtual CISO make?

A remote CISO typically earns between $100,000 and $250,000 annually, depending on experience, industry, and company size. Senior CISOs with extensive cybersecurity expertise and certifications like CISSP or CISM tend to be at the higher end of this range, often working on a contract or part-time basis as well.

What is a Remote CISO job?

A Remote CISO (Chief Information Security Officer) is responsible for overseeing an organization's cybersecurity strategy and policies while working remotely. They manage security risks, ensure compliance, and develop protocols to protect sensitive data from cyber threats. Unlike an on-site CISO, a Remote CISO leverages virtual communication tools to collaborate with IT teams, executives, and stakeholders. This role is common in companies that prioritize remote work, need flexible security leadership, or outsource their CISO responsibilities.

What are the key skills and qualifications needed to thrive in the Remote Ciso position, and why are they important?

To thrive as a Remote CISO, you need extensive experience in cybersecurity strategy, risk management, governance, and compliance, typically supported by a degree in information security or related fields and several years of leadership in IT security. Familiarity with frameworks like NIST, ISO 27001, and tools such as SIEM, DLP, and endpoint security solutions, along with certifications like CISSP or CISM, are highly valued. Outstanding communication, leadership, and decision-making skills are crucial for effectively guiding remote teams and influencing stakeholders across an organization. These skills enable a Remote CISO to protect critical assets, ensure regulatory compliance, and maintain organizational resilience in a distributed work environment.

How can I make $100,000 a year working from home?

A remote CISO can earn $100,000 or more annually by gaining relevant certifications such as CISSP or CISM, building extensive cybersecurity experience, and working for organizations that offer remote leadership roles. Developing skills in risk management, security architecture, and compliance can increase earning potential, especially with a strong professional network and proven track record in cybersecurity management. Many remote cybersecurity roles also require excellent communication skills and familiarity with security tools and frameworks.
More about Remote Ciso jobs
What cities are hiring for Remote Ciso jobs? Cities with the most Remote Ciso job openings:
What are the most commonly searched types of Ciso jobs? The most popular types of Ciso jobs are:
What states have the most Remote Ciso jobs? States with the most job openings for Remote Ciso jobs include:
Infographic showing various Remote Ciso job openings in the United States as of July 2026, with employment types broken down into 6% Locum Tenens, 30% Internship, 21% As Needed, 35% Full Time, 1% Contract, and 7% Nights. Highlights an 77% Physical, 5% Hybrid, and 18% Remote job distribution, with an average salary of $148,746 per year, or $71.5 per hour.
Information Security Compliance Analyst

Information Security Compliance Analyst

Oregon Metro

Portland, OR • On-site, Remote

$94K - $126K/yr

Full-time

Posted 3 days ago

New


Job description

Salary: $94,106.41 - $126,142.16 Annually
Location : Metro Regional Center, OR
Job Type: Full Time
Remote Employment: Flexible/Hybrid
Job Number: 2026-0069-IT-5
Department: Information Technology
Opening Date: 07/14/2026
Closing Date: 7/24/2026 11:59 PM Pacific
Position Summary
Hello, we're Metro! Metro is dedicated to shaping a better future for the greater Portland region. The work the people of Metro do every day benefits the lives of the people who live here, today, and tomorrow.
The Information Security Team is looking for an Information Security Compliance Analyst. This role serves as the primary support role to the CISO for Metro's information security governance, risk, and compliance (GRC) function, operationalizing and maturing the program on the CISO's behalf while ensuring alignment with applicable federal, state, and local regulations, including privacy, data protection, breach notification, and public records requirements. Acting as control owner delegate, this role ensures controls are properly defined, enforced, auditable, and aligned to business and regulatory requirements, with a clearly bounded (~30%) operational support component focused on control validation, audit readiness, and compliance alignment rather than primary ownership of security operations.
As the Information Security Compliance Analyst, you will
  • Serve as the CISO's operational extension for compliance and governance, translating security strategy into actionable policies, controls, and procedures, and preparing materials for executive reporting, audits, and regulatory reviews.
  • Develop, maintain, and manage the full lifecycle of information security policies and standards, mapping them to applicable frameworks and coordinating periodic reviews with stakeholders across IT and business units.
  • Act as control owner delegate for NIST CSF, CIS Controls, and PCI DSS, leading framework alignment, gap analysis, and PCI compliance activities including CDE scoping, evidence collection, and QSA coordination.
  • Lead governance of the vulnerability management program, including policy definition, SLA tracking, compliance reporting, and risk acceptance decisions, partnering with the Cybersecurity Analyst as execution lead.
  • Conduct compliance reviews of software and technology assets, maintain accurate asset inventories, and support third-party/vendor security reviews to ensure audit readiness.
  • Maintain and administer the enterprise risk register, support internal and external audits, and develop compliance metrics and dashboards to communicate risk and control effectiveness to leadership.
  • Support incident response through documentation, evidence collection, and regulatory notification requirements, including secondary, after-hours backup support for high-severity security alerts in coordination with the Cybersecurity Analyst and SOC/MSSP providers.
  • Collaborate with IT Operations, Infrastructure, and Application Teams to integrate security controls into operational processes, and assist in administering security tools (EDR, SIEM, email security, identity platforms) in support of compliance objectives.
  • Contribute to system hardening and secure configuration baselines aligned with CIS Benchmarks, assist with IAM best practices, and coordinate security awareness and training initiatives.
  • Develop and mature data classification, handling, and protection standards (including DLP and retention policies), support privacy impact assessments, and help mature Metro's cybersecurity program through process improvement and continuous alignment with evolving threats and best practices.

Attributes for success
  • Strong working knowledge of security and compliance frameworks (NIST CSF, CIS Controls, PCI DSS) with the ability to translate framework requirements into practical, auditable controls.
  • Detail-oriented and highly organized, with the discipline to manage policy lifecycles, evidence packages, and audit documentation accurately and on schedule.
  • Comfortable operating independently while working under general direction from the CISO, exercising sound judgment on when to escalate versus resolve.
  • Strong written communication skills, able to translate technical security concepts into clear policies, procedures, and executive-ready reporting.
  • Collaborative mindset with the ability to build effective working relationships across IT Operations, Infrastructure, Applications, and business stakeholders who don't report to this role.
  • Analytical and risk-aware, able to assess control gaps, prioritize remediation efforts, and support risk acceptance discussions with sound reasoning.
  • Comfortable with ambiguity and program-building, given that governance structures, processes, and tooling are still actively being developed and refined.
  • Basic technical fluency with security tools (SIEM, EDR, identity platforms) sufficient to support compliance monitoring without requiring deep engineering expertise.
  • Reliable and responsive when serving as secondary, after-hours backup for high-severity alerts, with good judgment about when situations require escalation versus documentation.
  • Genuine interest in continuous learning and staying current on evolving regulatory requirements, threats, and industry best practices in a public-sector context.

DIVERSITY AND INCLUSION
At Metro, we strive to cultivate diversity, advance equity, and practice inclusion in all of its work. This means attracting and empowering a workforce that is inclusive of a broad range of human qualities. Workplace diversity is both a moral imperative and a business strength, essential to providing quality support and services to our region. Metro's goal is to hire, develop and retain highly skilled and talented individuals across all departments and programs who best reflect the diversity of our community.
TO QUALIFY
We will consider any combination of relevant work experience, volunteering, education, and transferable skills as qualifying unless an item or section is labeled required. Please be clear and specific in your application materials on how your background is relevant.
Minimum qualifications
  • 4-6 years of progressive experience in information technology, including at least 3-5 years of experience in information security, IT security, or compliance-focused role, and
  • A bachelor's degree in Cybersecurity, Information Technology, or related field, or
  • Any combination of education, professional, volunteer and lived experience that provides the necessary knowledge, skills, and abilities to perform the classification duties and responsibilities.

If this statement is true for you, then you may be ineligible to apply
If you were terminated for cause during any employment with Metro, or resigned in lieu of termination, you may be ineligible for rehire for a minimum of 3 years.
Hybrid Telework
This position is designated as "hybrid telework." You will be required to work onsite and at times have the option to work away from your assigned work location. The specific schedule and balance of onsite and telework will be discussed with the hiring manager at the time of offer. Employees must reside in Oregon or Washington to work at Metro. Please note, the designation of hybrid telework may be subject to change at a future time.
Like to have qualifications
You do not need to have the following preferred qualifications/transferable skills to qualify. However, keep in mind we may consider them when identifying the most qualified candidates. Your transferable skills are any skills you have gained through education, work experience, including the military, or life experience that are relevant for this position.
  • Experience in public sector or government environments.
  • Relevant certifications such as:
    • CISA, CRISC (preferred for governance and risk)
    • PCIP or equivalent PCI-related certification (strongly preferred)
    • Security+, SSCP, or GSEC (foundational, optional)
  • Direct experience with PCI DSS compliance programs, including CDE scoping, SAQ, or ROC processes.
  • Experience supporting cloud security compliance and governance activities in Azure, AWS, or similar environments (e.g., control mapping, configuration review, audit support).
  • Familiarity with privacy considerations, data protection principles, and applicable Oregon state requirements.
  • Experience with vendor risk management, third-party assessments, or software asset compliance reviews.
  • Familiarity with GRC tools or platforms used for risk management, control tracking, and audit management (e.g., ServiceNow GRC, Archer, or similar).
  • Experience working with or overseeing third-party security providers (e.g., MSSP/SOC) in a compliance or audit capacity.

SCREENING AND EVALUATION
The application packet: The application packet consists of the following required documents. Please ensure that you upload these documents in your online application. Make sure your application is complete, missing any part of these items could result in an incomplete application and will not be moved forward in the recruitment.
  • A completed online application
  • A cover letter addressing the following (please limit your response to 2 pages):
    • Compliance & Governance Experience - Describe your experience developing, maintaining, or operationalizing information security policies, controls, or GRC functions, including the frameworks you've worked with (e.g., NIST CSF, CIS Controls, PCI DSS) and any experience supporting regulatory requirements such as privacy, data protection, breach notification, or public records obligations.
    • Independent Execution & Cross-Functional Influence - This role operates under the general direction of the CISO but requires independent judgment on day-to-day execution, along with the ability to drive compliance outcomes through collaboration with IT and business teams that don't report to this position. Share an example that demonstrates both.
    • Building Structure from Ambiguity - Metro's information security program is still maturing. Describe a time you built or improved a process, policy, or program from an early or undefined state, and how you approached bringing structure to that ambiguity.

The selection process: We expect to evaluate candidates for this recruitment as follows. The selection process is subject to change.
  • Initial review of minimum qualifications
  • In-depth evaluation of application materials to identify the most qualified candidates
  • Consideration of top candidates/interviews
  • Testing/assessments
  • Reference check
  • Background records check for finalist candidate

COMPENSATION, BENEFITS AND REPRESENTATON
The full-salary range for this position is step 1: $94,106.41 to step 7: $126,142.16. However, unless a candidate's qualifications justify, based on the requirements and Metro's internal equity review process, the appointment will likely be made between step 1: $94,106.41 to the equity range step 4: $108,947.96.
This position is not eligible for overtime and is represented by AFSCME 3580. It is classified as a Systems Analyst III position. Classification descriptions are typically written broadly and do not include the specific duties and responsibilities of the positions.
Questions?
Recruiter: Carrie Gundermann
Email:
Additional Information
Equal employment opportunity
All qualified persons will be considered for employment without regard to race, color, religion, sex, national origin, age, marital status, familial status, gender identity and expression, sexual orientation, disability for which a reasonable accommodation can be made, or any other status protected by law.
Non-discrimination in hiring decisions
Metro is committed to equal employment opportunity and complies with all applicable federal, state, and local civil rights laws. Metro employment decisions - including recruitment, screening, interviewing, selection, promotion, compensation, and separation - must not discriminate based on race, color, national origin, ethnicity, religion, sex, sexual orientation, gender identity, disability, age, veteran status, or any other protected class.
Accommodation
Metro will gladly provide a reasonable accommodation to anyone whose specific disability prevents them from completing this application or participating in this recruitment process. Please contact the recruiter outlined in the job announcement in advance to request assistance.
Veterans' preference
Under Oregon Law, qualified veterans may be eligible for veterans' preference when applying for Metro positions. If you are a veteran and would like to be considered for a veterans' preference for this job, please provide qualifying documents as instructed during the application process.
Hybrid Telework
This position is designated as "hybrid telework." You will be required to work onsite and at times have the option to work away from your assigned work location. The specific schedule and balance of onsite and telework will be discussed with the hiring manager at the time of offer. Employees must reside in Oregon or Washington to work at Metro. Please note, the designation of hybrid telework may be subject to change at a future time.
Pay equity at Metro
No matter who you are or where you work at Metro, you deserve to be paid fairly for the work you do.Every worker must get equal pay for equal work regardless of your gender, race, age, or other protected characteristics. has established processes and conducts routine pay equity reviews as part of the hiring process to ensure compliance with the 2017 Oregon Pay Equity Act.
Online