Virtual Chief Information Officer

Our clients view us as an essential part of their teams, relying on us for strategic guidance, fast solutions to complex challenges, and proactive support. With strategic locations across the U.S. and leadership from our founder, Steven Freidkin, we’re on the front lines of a fast-paced industry, facing cybersecurity threats and rapid technology changes together. If you thrive in a dynamic, supportive environment and enjoy going above and beyond, we’d love to meet you. Come explore one of our many opportunities and grow with us!

As vCIO you will provide executive level guidance for Information Technology (IT) and act as an extension of the client’s organization. You will be responsible for developing, managing, and supporting the client’s long-term IT Vision and Strategies. The vCIO works closely with Account Managers and IT Advisors at Ntiva and advises the client on technology, infrastructure, management, and productivity as they relate to their information technology capabilities.

· This is a remote position; however, team members should be willing and able to travel if the need arises, though such travel is expected to be infrequent

· Define, document, and enforce cybersecurity policies and standards (AUP, DLP, incident response, encryption, AI use, etc.).· Ensure alignment of policies with CMMC practice families (AC, AU, CM, IA, MP, PE, SC, SI, etc.).· Oversee vendor risk management and third-party software FedRAMP/FISMA compliance.· Establish training and awareness programs for employees and leadership on CMMC obligations.

· Lead security configuration and validation of Microsoft 365, Azure, Intune, Purview, and endpoint devices for CMMC control coverage.· Ensure proper configuration of identity and access management (MFA, conditional access, RBAC, privileged account restrictions).· Oversee logging, monitoring, and auditing (Sentinel, Defender, Intune compliance, SIEM integration).· Validate encryption controls: BitLocker, TLS, VPN/IPSec, PreVeil or other enclaves.· Implement and validate data loss prevention (DLP), sensitivity labels, retention policies, and device restrictions (USB, external storage, etc.).

· Conduct risk assessments and gap analyses against CMMC objectives.· Manage incident response planning, tabletop exercises, and reporting processes (including DoD cyber incident reporting within 72 hours).· Maintain continuous monitoring and threat intelligence alignment with current DoD cyber advisories.

· Ensure artifacts, screenshots, logs, and evidence repositories are complete and mapped to controls· Oversee SPRS scoring updates and maintain alignment with DoD self-attestation requirements.· Coordinate with C3PAOs and RPOs for readiness assessments and certification.

· Act as the primary cybersecurity advisor to executives, program managers, and compliance officers.· Support IT staff and administrators in implementing technical controls and remediating gaps.· Communicate cybersecurity risk, compliance posture, and remediation timelines to leadership and clients.· Align security investments with budget, licensing (E3/E5/G3/G5/GCC vs GCC High), and compliance priorities.

· 7+ Years of experience in successfully designing, implementing and IT Consulting· Deep understanding of CMMC 2.0 Level 1 & 2 (and Level 3 when applicable), NIST SP 800-171, and DFARS 252.204-7012 requirements.· Familiarity with related frameworks: NIST 800-53 Rev 5, FISMA baselines, CIS Controls, ISO 27001, SOC 2, HITRUST.· Strong grasp of Controlled Unclassified Information (CUI) handling requirements and DoD cybersecurity mandates.· Ability to guide System Security Plan (SSP) and Plan of Action & Milestones (POA&M) development, maintenance, and audit preparation.· Proficiency in establishing IT services framework and IT security policies· Experience with project management and budget management· Aptitude for customer engagement analysis· Ability to establish partnerships with service providers and vendors· Experience in due diligence when assessing a company’s IT environment· Ability to monitor and understand technology trends and tap the knowledge of technology experts· Strong writing, organized documentation/reporting skills and attention to detail· Ability to connect with diverse personalities and build strong relationships with executives, leaders, and team members.· Desire to do what is right and best for the client

· Bachelor's degree or Master's degree, preferably related to Information Technology · Microsoft Azure or M365 certifications (or equivalent)· Experience in an MSP Environment· Experience in ConnectWise

· Medical, Dental and Vision coverage for employee and family · 401k + company-matched contributions 4% match on 5% contribution - no vesting period! (Employee and Company contribute after 90 days) · Group Term Life and Accidental Death and Dismemberment coverage (company provided) · Short-Term (voluntary enrollment) and Long-Term Disability coverage (company provided) · Health Savings Account (HSA) Options / PPO Options · Employee Assistance Program · Paid Time Off (PTO) + Volunteer Time Off (VTO) + 8 Paid Holidays + 3 Floating Holidays · Education Reimbursement Program · Generous Employee Referral Program - cash bonus for successful referrals! · Dynamic Recognition and Rewards · Clear Promotion and Advancement Tracks · Work with Industry-Leading Talent The base pay range for this position is expected to be between $100,000 and $150,000 per year, plus an annual on-target bonus if applicable, not all roles are subject to a bonus.

The base pay offered may vary depending on multiple non-discriminatory factors including, but not limited to, market location, job-related knowledge, skills, and experience. The total compensation package for this position also includes medical benefits, 401(k) eligibility, and PTO. Additional details of participation in these benefit plans will be provided if an employee receives an offer of employment.

We welcome applicants who are U.S. persons. At this time, we are unable to offer sponsorship or assume sponsorship of an employment visa.

Team members must establish a dedicated safe workspace that is free from distractions, hazards, and that is secure from unauthorized access. This includes following Ntiva’s IT User and Security Policies that include but are not limited to password-protecting all equipment, keeping confidential and proprietary documents secure, refraining from using public Wi-Fi, having adequate arrangements in place to avoid significant interruptions from caregiving responsibilities during work hours (except in emergency situations with manager approval).

Any remote work away from a team member’s normal expected dedicated safe workspace must be requested by team member, is subject to review by management, and must adhere to Ntiva policies and procedures.

At Ntiva, we are committed to creating and maintaining a diverse, inclusive, and welcoming work environment for all employees and job applicants. We firmly believe that a diverse workforce fosters a wider range of perspectives, experiences, and ideas that lead to increased creativity, innovation, and problem-solving capabilities. As an equal opportunity employer, we actively seek to recruit and retain a diverse workforce that reflects the communities we serve. We prohibit discrimination of any kind, including but not limited to race, color, religion, gender, gender identity or expression, sexual orientation, marital status, national origin, age, hair length, protective hairstyles, organ donor status, disability, veteran status, or any other legally protected status and comply with all applicable laws governing nondiscrimination in employment.