CISO Advisory Consultant, Ohio

Role Type: Contract (Advisory)

Engagement Type: Short-Term Strategic Advisory (9 12 weeks)

Client: Confidential Healthcare/Academic Institution

Location: Remote (with occasional onsite optional)

Clearance/Compliance Requirements: HIPAA/NIST awareness preferred

Rate Range: $160 $225/hr (based on experience and healthcare specialization)

Position Summary

We are seeking a CISO-level Advisory Consultant to lead a short-term, high-impact engagement focused on evaluating and advancing the cybersecurity capability of a complex healthcare and academic medical center environment. The ideal candidate brings both strategic and operational leadership experience in cybersecurity, with a proven track record of delivering board-level insights, workforce assessments, and actionable security improvement plans.

Key Responsibilities

Lead a comprehensive current-state assessment of cybersecurity operations, workforce structure, and domain coverage (IAM, SOC, GRC, etc.)

Benchmark capabilities using industry frameworks: NIST CSF, NICE, CIS Controls, and MITRE Telecommunication&CK

Identify skill and leadership gaps, domain blind spots, and structural misalignments

Develop visual tools such as capability heat maps and role-based maturity matrices

Craft a strategic security talent roadmap aligned to organizational risk posture and regulatory context

Deliver an executive summary and board-ready narrative, translating technical realities into leadership language

Facilitate workshops, executive sessions, and validation meetings with stakeholders across IT, clinical, research, and governance domains

Ideal Qualifications

15+ years in cybersecurity leadership, with at least 5 in CISO or Deputy CISO-level roles

Deep familiarity with healthcare, academic medical centers, or similarly regulated/high-complexity environments

Proven experience conducting cybersecurity organizational assessments and delivering strategic planning outcomes

Executive-level communication and presentation skills; must be able to synthesize and translate complex findings

Strong working knowledge of industry standards and frameworks (NIST, CIS, MITRE, NICE)

Experience collaborating with both internal and third-party stakeholders (MSSPs, consultants, internal IT/security)

Prior consulting, advisory, or fractional-CISO experience strongly preferred

Deliverables (May Include):

Capability summary and benchmarking visuals

Maturity & gap analysis report

Talent heat map and skill assessment by role

Strategic roadmap and hiring/upskilling recommendations

Executive briefing deck or board summary

Optional: Cyber resilience readiness summary and workshop output documentation