Rock Security Jobs (NOW HIRING)

Virtual Chief Information Security Officer (vCISO) / Fractional CISO / Security Executive Consultant

Why Bird Rock Systems

At Bird Rock Systems, we take pride in being named one of the Inc. 5000 Fastest Growing Private Companies. Our dynamic journey to success is fueled by a team of passionate individuals who thrive in a fast-paced environment. We're more than a workplace; we're a community of fun-loving people dedicated to excellence.

What Sets Us Apart:

• Best Workplace Awards:
  Bird Rock Systems is proud to be recognized for our commitment to fostering a positive, collaborative, and innovative culture. Our honors include:
  • Inc.'s Best Workplaces
  • San Diego Business Journal's Best Places to Work
    
  • San Diego SHRM Workplace Excellence Award

• Fast-Paced Growth:As an Inc. 5000 honoree, we're committed to driving innovation and pushing boundaries. Join us to be part of a dynamic and ever-evolving company.
• Vibrant Company Culture:We believe in creating an environment where work feels like fun. Our team is more than colleagues - we're friends who collaborate, support, and celebrate together.
• Core Values:Our values define us. Loyalty, work/life balance, kaizen (continuous improvement), unwavering integrity, exceptional customer service, and giving back to our community are the cornerstones of Bird Rock Systems.

Your Opportunity:

At Bird Rock Systems, you're not just an employee - you're an essential part of our growth story. Join our team of driven professionals who embrace challenges, value camaraderie, and thrive on making a difference. If you're ready to work in an exciting atmosphere that blends passion, innovation, and purpose, we invite you to apply and embark on a rewarding journey with us.

Take the next step towards an inspiring career. Apply now and become a proud contributor to Bird Rock Systems' exceptional trajectory!

Join us on our journey. Apply today.

Position Summary

Role Type: Senior Consultant /Principal (senior individual contributor)

At Bird Rock Systems, the Virtual Chief Information Security Officer (vCISO)roleserves as a fractional security executiveandprimary delivery authority and executive advisor for a portfolio of diverse clients. ThevCISOis accountable for the design, execution, andmeasurableimprovement of each assignedcustomer's Information Security Program - guiding organizations from reactive security postures tooptimized,businessalignedsecurity operations.

This roleisfirst and foremosta billable client delivery role. Cyber Security Advisory and presales support responsibilities are secondary and intentionally scoped to protect delivery quality,utilization, and customer outcomes. This roleblends strategicsecurityleadership,handsonadvisory, andportfoliolevel accountabilitywhileremainingcurrent on evolving security threats, industry trends, and emerging technologies.

This role is for an experienced security leader who values judgment, craftsmanship, and longterm client impact. Success is measured not by activity volume alone, but by sustained improvements in customer security maturity, executive trust, and the ability to scale sound security practices across diverse organizations.

This role is based in San Diego, CA and supports clients across regulated and growthoriented industries.

The 90Day Win

The first90 daysare focused onestablishingexecutive credibility, delivery rhythm, and security leadership presence across the assigned client portfolio.

• Successfully baselinefive (5)client environments using the CIS Critical Security Controls, documented in Bird Rock-approved assessment artifacts, internally reviewed, and presented to customer executive stakeholders.

• Identify, scope, and roadmapat least onecrtical/highpriorityremediation initiative per client thatresults in an approved execution path and budgetary estimate,leveragingBird Rock implementation practices (Cloud, Network, Privacy, or Security).

• Establish a recurring security leadership cadence (e.g.,steering committees or executive briefings)with documented agendas, executive-ready reporting, and defined success metricswith assignedcustomers.

• Initiate andfacilitatea weekly internal security lessons-learned forumwithsecurityengineersto sharecrossclientthreats, trends, and improvement opportunities, producing actionable insights that inform service standards and delivery improvements.

Location

Must be based inSan Diego, CA

Regular inperson collaboration expected to support delivery excellence, peer mentorship, and executive alignment.This role istrusted to exercise professional judgment in balancing onsite presence with focused work.Hybrid flexibility based on client and portfolioneeds.

What You Bring

Qualifications & Experience

• 7+ years of progressive security leadership experience, within a consulting ormulticlientenvironment.

• Demonstrated ability to translate complex security and compliance requirements into practical,businessalignedsolutions.

• Proven experience leading security programs through influence, governance, and executive engagementrather than authority.

• Demonstrated success managing competing priorities across multiple executive stakeholders in a fractional or consulting leadership model.

• Enthusiastic toworkinofficeto foster collaboration, mentorship, and team culture.

• A strong belief that successfulvCISOengagements create healthier, more secure, and more engaged client relationships.

• Seeking a longterm professional home where security leadership craft can be refined, shared, and scaled-rather than a shortterm stop between titles.

Key Responsibilities

Portfolio Accountability & Executive Delivery Leadership (80% Billable, Year 1 ramp)

• Utilization targets are balanced against executive effectiveness, decision quality, and customer outcomes.
• Own and execute a balanced portfolio of 5+ concurrent vCISO engagements, aligned by customer size, regulatory complexity, and delivery maturity, balancing executivelevel reporting with tactical security oversight.
• Design, develop, maintain, disseminate, and enforce customer Information Security Programs, policies, standards, and associated compliance or framework requirements.
• Execute security programs through influence, leveraging customer IT personnel and/or Bird Rock Services teams and contractors, establishing clear guidance, accountability, and escalation paths.
• Remain well informed on industry trends, threat intelligence, regulatory changes, and security technologies to continuously improve customer outcomes.
• Report on the performance and maturity of customer information security programs to executive leadership and boards using clear outcome-oriented metrics and maturity indicators.
• This role shapes the next generation of security leaders by modeling executive judgment, ethical advisory practices, and sustainable security leadership.

Portfolio Design & Sustainability

• Client portfolios are composed to balance customer complexity, regulatory demand, and delivery maturity.
• Engagement load is managed to preserve executive presence, decision quality, and longterm customer outcomes.
• vCISOs are supported by delivery practices, shared artifacts, and specialized engineering teams to avoid herobased execution models.

Framework Fluency, Risk, and Compliance Execution

• Expertly assess, select, and apply appropriate frameworks (e.g., CIS Controls, NIST, PCIDSS, HIPAA) based on customer risk profile and business objectives, ensuring depth of execution over superficial multi-framework coverage.
• Advise on and guide customer objectives, including but not limited to:
  • Security assessments and testing
  • Risk management and security compliance
  • Security policy, process, and procedure development
  • Incident response planning and readiness
  • Security training and awareness programs
  • Security remediation initiatives
  • Security lifecycle management
• Lead and/or actively participate in customer steering committees and governance forums to align security initiatives with measurable business priorities and risk-reduction outcomes.

Threat Defense, Incident Leadership & Advisory Presence

• Provide calm, decisive leadership during customer security incidents, serving as the senior security advisor for response coordination, executive communication, and postincident improvement planning, while respecting customer ownership of final operational decisions.
• Conduct and guide wellarchitected security reviews to ensure hybrid and cloudnative environments are resilient, scalable, and secure.
• Advise customers on the safe and responsible adoption of emerging technologies, including Generative AI, ensuring governance, policy, and controls prevent sensitive data leakage and unintended risk exposure.

Strategic Growth, Upsell & Service Evolution

• Use Monthly and Quarterly Business Reviews to identify material security risks and maturity gaps, translating them into prioritized, outcomedriven initiatives aligned to customer business goals, risk tolerance, and longterm security maturity.
• Ensure new vCISOrelated services and processes are customerready, documented, and fully trained to engineers, project managers, and account managers prior to client delivery.
• Provide structured peer review, peer mentorship, and delivery coaching to Bird Rock personnel executing customer security objectives, acting as a quality bar and force multiplier across the Services organization.
• Contribute to the continuous improvement of the vCISO offering and related services based on realworld customer outcomes.

Cyber Security Advisor Overlay & GotoMarket Support

This role serves as a technical and strategic presales resource, with responsibilities intentionally limited in scope and duration to protect billable delivery excellence. Presales engineering responsibilities are secondary to billable client delivery and are focused on highimpact opportunities where executivelevel security leadership accelerates trust and deal velocity.

• Act as a senior security subjectmatter expert in presales engagements, supporting account teams during qualified opportunities where executive-level security leadership accelerates trust and deal velocity.
• Translate customer security challenges, regulatory requirements, and risk exposure into clearly scoped security and remediation offerings with documented assumptions and delivery expectations.
• Ensure presales solutions are operationally sound, align with our delivery standards, and can be executed by the services team without delivery ambiguity or re-scoping.
• Actively represents Bird Rock Systems at industry and company events by speaking, sharing insights, and engaging with peers and leaders.

Compensation

• Compensation Range: $170,000 - $280,000
• Strong base salary with performance incentives aligned to portfolio health, customer retention, and sustained delivery excellence; rewarding longterm outcomes rather than shortterm utilization spikes.
  
• The aboverepresents the expected compensation range for this job requisition. Ultimately, in determining pay, we'll consider location, experience, and other job-related factors.

Benefits

At Bird Rock Systems, we make sure you have the support and resources to leverage and develop your skills, secure your financial future, and take care of your health and well-being. Bird Rock Systems continually seeks to provide a workplace where everyone can be their authentic self. Through Bird Rock Systems competitive benefits offerings and various training and development opportunities, we have you covered with our Benefits Program which includes:

• Medical, Dental, and Vision Insurance
• Unlimited Paid Time Off
• Paid Family Leave Benefits
• Flexible Spending Accounts
• Pet Insurance
• Employee Assistance Program
• 100% Employer-Paid Life & AD&D Insurance, Short- and Long-Term Disability Insurance
• Monthly Wellness Reimbursement
• Cell Phone Reimbursement