Security Consultant (Fractional CISO) - M&A Due Diligence
Remote Fractional CISO information

| Salary range (per year) | Share of jobs |
|---|---|
| $59.5K - $72.5K | 14% |
| $72.5K - $85.6K | 19% |
| $85.6K - $98.6K | 12% |
| $98.6K - $111.7K | 17% |
| $111.7K - $124.7K | 12% |
| $124.7K - $137.8K | 14% |
| $137.8K - $150.8K | 7% |
| $150.8K - $163.9K | 3% |
| $163.9K - $176.9K | 0% |
| $176.9K - $190K | 1% |
| $190K - $203K | 2% |

$80.3K is the 25th percentile. Wages below this are outliers.
The median wage is $103.1K / yr.
$127K is the 75th percentile. Wages above this are outliers.
How much do remote fractional CISO jobs pay per year?
What is the difference between a Remote Fractional CISO and a Security Analyst?
| Aspect | Remote Fractional CISO | Security Analyst |
|---|---|---|
| Credentials | Typically CISSP, CISM, or CISA certifications | Often CompTIA Security+, GIAC, or similar |
| Work Environment | Part-time or project-based, strategic focus | Full-time, operational, hands-on security tasks |
| Employer Usage | Used by organizations seeking strategic security leadership | Used by security teams for monitoring and incident response |
The Remote Fractional CISO focuses on high-level security strategy and governance, often working part-time for multiple clients. In contrast, a Security Analyst handles day-to-day security operations and incident management. While both roles require security certifications, their responsibilities and work environments differ significantly, making them suited for different organizational needs.

Job description
Location: Remote
Type: Contract / Hourly (Part-Time or As-Needed Basis)
Reports To: Head of M&A / Corporate Development / CISO
Role Overview
We are seeking a seasoned Security Consultant to support cybersecurity due diligence for mergers, acquisitions, and strategic investments. This remote, hourly-paid role involves assessing the security posture of target companies, identifying critical risks, and advising on remediation and post-close integration planning. The ideal candidate is detail-oriented, technically strong, and comfortable working independently with minimal oversight.
Key Responsibilities
- Perform security due diligence assessments for M&A targets across various industries and maturity levels.
- Security policies, procedures, and governance frameworks
- Infrastructure and network architecture (cloud/on-prem/hybrid)
- Application and cloud security posture (AWS, Azure, GCP)
- Identity and access management (IAM) practices
- Data protection and encryption strategies
- Vulnerability management and incident response capabilities
- Compliance with standards such as ISO 27001, SOC 2, GDPR, HIPAA, PCI-DSS, etc.
- Analyze provided documentation: network diagrams, risk assessments, audit reports, penetration test results, and security controls inventories.
- Conduct interviews with key personnel (security, IT, DevOps, GRC, etc.) to validate practices and identify risks.
- Provide concise written deliverables, including:
  - Detailed security diligence reports
  - Risk register with severity ratings and business impact
  - 30/60/90/180-day remediation plans
- Collaborate with legal, technical, and integration teams to support informed decision-making.
- Work flexibly based on diligence timelines and deal schedules.

- 15+ years of experience in cybersecurity or information security, with 2+ years in security due diligence or third-party risk assessments.
- Strong working knowledge of security frameworks: NIST CSF, ISO 27001, CIS Controls, SOC 2.
- Familiarity with securing cloud-native and SaaS environments.
- Ability to assess security risk holistically across technical, organizational, and compliance domains.
- Excellent written communication skills; able to summarize complex findings in an executive-friendly format.
- Self-starter comfortable with ambiguity and fast-paced deal environments.
Preferred Qualifications
- Experience in a consulting, private equity, venture capital, or corporate M&A environment.
- Certifications such as CISSP, CISA, CISM, CCSP, or OSCP.
- Prior work with high-growth startups or tech/SaaS companies.
- Experience using security assessment tools (e.g., Nessus, Qualys, Burp, Wiz, etc.) is a plus.
About Saviance
Sourced by ZipRecruiter
Saviance is a modern consulting firm providing a variety of professional services to its clients in the US. We bring twenty-three years of experience to the table. Our consultants are qualified experts and extremely talented. We understand the business behind the technology, and work with many of the top Fortune 100 companies and provide innovative, scalable, robust and secure solutions. At the forefront of the Staffing and IT Solutions industry, Saviance is certified by NMSDC as a Tier 1, Minority Business Enterprise (MBE). We are a self-certified Small Business and self-certified Woman Owned Business committed to maximizing global workforce solutions on behalf of our clients, empowering businesses and talent through applied human intelligence. We are a Diversity Supplier with global reach specializing in a business services blend of talent, technology, and a relentless commitment to customer success. It’s our diversity that acts as a core component of our culture, our approach to business, and the opportunities we provide to our clients and our employees.
Industry: IT services
Company size: 201 - 500 Employees
Headquarters location: East Rutherford, NJ, US
Year founded: 1999