Virtual Chief Information Officer

About The Position

Requirements

• 8+ years of progressive IT experience, with at least 3 years in a client-facing advisory, vCIO, IT director, or senior consulting role at an MSP, MSSP, or comparable internal IT leadership position.
• Demonstrated ownership of a multi-client portfolio or complex internal environment, including roadmap, budget, and vendor decisions.
• Working fluency in the Microsoft 365 ecosystem (Commercial and at least exposure to GCC/GCC High), Azure/Entra identity, endpoint management (Intune or comparable), and modern networking (Cisco Meraki or equivalent).
• Practical experience advising on at least one major compliance framework: CMMC, NIST 800-171, NIST CSF, SOC 2, HIPAA, PCI-DSS, or SEC Reg S-P.
• Strong written communication skills, capable of authoring charters, proposals, roadmaps, and QBR deliverables independently.
• Executive presence sufficient to brief owners, CFOs, and outside counsel without an account manager translating.
• Comfort framing tradeoffs and communicating "no" or "not yet" with rationale to clients.

Nice To Haves

• Direct CMMC Level 2 advisory experience, including SSP authorship and C3PAO assessment preparation.
• Familiarity with GCC High migration patterns and commercial implications (licensing, tenant separation, identity).
• Experience advising regulated financial services clients (RIAs, broker-dealers) on Reg S-P, FinCEN AML, or comparable requirements.
• Industry certifications such as CISSP, CISM, CISA, CCSP, Microsoft MS-102 / SC-100 / SC-401, AZ-104, or equivalent.
• Experience operating inside an EOS/Traction-driven business (Rocks, L10 cadence, scorecards).
• Familiarity with PSA/RMM toolchains (Halo PSA, NinjaRMM/NinjaOne, ConnectWise, Autotask) at an operator level.

Responsibilities

• Own each assigned client's multi-year IT roadmap and prioritization, translating technical work into business impact and framing tradeoffs for deliberate decision-making.
• Interpret Account Manager intake charters and produce proposal layers (options, sequencing, phasing, risk framing, dependencies) that precede Statements of Work (SOWs), ensuring decision conversations occur.
• Surface architectural, vendor, and operational risks early, guiding technical decisions on infrastructure, cloud (M365 Commercial and GCC High), networking (Cisco Meraki and equivalents), endpoint, identity, and security tooling.
• Lead client-facing compliance strategy for frameworks such as CMMC Level 1 and Level 2, NIST SP 800-171, ITAR/EAR CUI handling, SEC Regulation S-P, and FedRAMP-adjacent licensing questions, coordinating with internal compliance specialists.
• Lead vendor decisions impacting architecture or roadmap, holding underperforming vendors accountable and framing vendor tradeoffs for client action.
• Own Quarterly Business Review (QBR) agenda content, findings, and recommendations, driving strategy and technical discussions, documenting decisions live, and updating initiative trackers within 24 hours.
• Advise clients on AI tooling decisions, Copilot licensing, data governance, and acceptable-use posture, framing AI adoption as a sequencing and risk question.
• Improve ticket quality by ensuring context is captured before work begins, connecting project work to day-to-day support, filtering unclear requests, and providing clear messaging to Account Managers and engineers.
• Engage as an escalation layer when root causes are strategic, recurring, or require architectural/roadmap adjustments, escalating to the President for business-level, contractual, or retention risk issues.

Benefits

• Health insurance
• Dental insurance
• Vision insurance
• Life insurance
• Disability insurance
• 401k
• Paid holidays
• Professional development
• Continued education
• Learning and development program