Sr. Cybersecurity & Compliance Engineer/CISO (Must be based in MA) - iCorps Technologies : Job Details

iCorps Technologies is a premier IT consulting, managed services, and cloud computing firm that delivers strategic leadership, innovative services, and hands-on expertise to mid-sized and enterprise clients across industries. We're committed to transforming our clients' businesses with tailored technology solutions, and we're proud of the trusted partnerships we've built. We don't just hire the best, we empower them to do their best work.

Job Description

This hybrid role involves executive advising, risk and security assessments, policy development, vendor risk management, and implementation of cybersecurity best practices. The vCISO is a trusted advisor across industries, guiding clients through proactive security strategies, evolving regulatory landscapes, and emerging technologies such as AI.

The ideal candidate has served as an advisor, CISO, or vCISO for at least five years, holds relevant security and privacy certifications (e.g., CISSP, IAPP), and has a functional understanding of AI-related risk and compliance obligations in today's evolving threat landscape.

Responsibilities

• Support and advise clients as a Cybersecurity Advisor.
• Lead, own, and execute the cybersecurity function as vCISO.
• Lead risk assessments, framework alignment, and security maturity evaluations.
• Guide clients in defining and maturing GRC programs per regulatory and industry frameworks.
• Develop and maintain security policies, programs, and procedures aligned to client needs and standards.
• Promote cybersecurity hygiene across identity management, patching, configuration, and user awareness.
• Conduct vendor and third-party due diligence, including cloud providers and supply chain risk assessments.
• Understand and advise on AI-related risk, compliance, and governance implications.
• Assist with framework alignment (NIST CSF, ISO 27001, CIS Controls, HIPAA, CMMC, PCI-DSS, SOC 2).
• Provide technical support for vulnerability scanning, threat assessments, and risk mitigation using tools like Nessus, OWASP ZAP, Burp Suite, Qualys, Rapid7.
• Collaborate on cloud security architecture (Azure, AWS, Google) and security tooling (Microsoft Defender, Sentinel, CASB, EDR/MDR).
• Lead incident response efforts for clients.
• Support security pre-sales, solution design, and proposals.

Required Qualifications

• At least 5 years in a CISO or vCISO role advising mid-market to enterprise clients.
• Experience with vulnerability management, IAM, cloud security (Azure, AWS, GCP), endpoint protection, SIEM, and DLP.
• Proven ability to align organizations with cybersecurity and compliance frameworks.
• Deep understanding of cybersecurity best practices across hybrid IT environments.
• Knowledge of AI-related risks, compliance, and governance.
• Strong communication skills, including executive reports and briefings.

Certifications (one or more from each category):

• Security Certifications:
• Cloud Security: Microsoft Security Architect, AWS Security Specialty, Google Professional Cloud Security Engineer
• Privacy Certifications:

Preferred Qualifications

• Experience in regulated industries (healthcare, finance, defense).
• Familiarity with GDPR, CCPA, HIPAA.
• Background in MSP/MSSP or cybersecurity consulting.
• Knowledge of AI governance standards, model validation, or AI risk registers is a plus.

• Mid-Senior level

• Full-time

• Information Technology

• IT Services and IT Consulting