Jaime Pauline

vCISO Consulting in Boston, Massachusetts

Security leadership for Greater Boston's regulated mid-market companies.

The Boston market is the most concentrated mix of regulated industries in New England. Kendall Square and the Longwood Medical Area house the largest biotech and pharma concentration in the country. Downtown and the Seaport are home to public companies, asset managers, and fintech firms operating under SOX, SEC, and PCI. Each sector has a distinct audit posture and a distinct definition of what a security function needs to deliver.

The practice is built for exactly this market: fractional CISO work for commercial regulated mid-market companies where security leadership matters but a full-time hire isn't yet warranted.

Certifications
  • CISSP (primary)
  • VCP — VMware Certified Professional
  • MCSA
Education
  • BS, Information Technology
Experience
  • 20+ years in IT
  • 11+ years cybersecurity leadership (manager level and above)
  • Managed cybersecurity at two pharma companies
  • Remediated FDA and SOX audit findings on security controls
  • Primary frameworks — GxP, SOX, NIST, ISO

Services

The practice covers nine areas: vCISO retainer engagements, risk assessments, security policy and control documentation, tabletop exercises and incident response planning, vendor third-party risk management, security awareness training, penetration testing coordination, board and audit-committee reporting, and security staff mentoring.


Most engagements start with a 30-minute conversation about your audit cycle.
