vCISO Consulting in Worcester, Massachusetts
Security leadership for Central Massachusetts regulated companies.
Worcester is the center of the Central Massachusetts life sciences and medical device cluster. Companies in the corridor — from established device manufacturers to UMass-affiliated research spin-outs — operate under GxP frameworks with direct FDA oversight. SOX obligations layer on top for publicly traded subsidiaries. Security leadership is needed but rarely warranted full-time at this scale.
The practice serves Worcester-area companies running security on a fractional basis: risk assessments aligned to audit windows, control documentation that holds up under FDA scrutiny, and incident response planning that's been tested by people who've actually been in those rooms.
Certifications
- CISSP (primary)
- VCP — VMware Certified Professional
- MCSA

Education
- BS, Information Technology

Experience
- 20+ years in IT
- 11+ years cybersecurity leadership (manager level and above)
- Managed cybersecurity at two pharma companies
- Remediated FDA and SOX audit findings on security controls
- Primary frameworks — GxP, SOX, NIST, ISO

Services
The practice covers nine areas: vCISO retainer engagements, risk assessments, security policy and control documentation, tabletop exercises and incident response planning, vendor third-party risk management, security awareness training, penetration testing coordination, board and audit-committee reporting, and security staff mentoring.