Job Description
Are you looking for limitless career opportunities with a company that values growth, innovation, and teamwork? At Ntiva, we’re more than a Managed Services Provider, we’re a community dedicated to helping each other, our clients, and their businesses thrive both personally and professionally. Ntiva is a culture of people who are passionate about the work…and each other. Our clients view us as an essential part of their teams, relying on us for strategic guidance, fast solutions to complex challenges, and proactive support. With strategic locations across the U.S. and leadership from our founder, Steven Freidkin, we’re on the front lines of a fast-paced industry, facing cybersecurity threats and rapid technology changes together. If you thrive in a dynamic, supportive environment and enjoy going above and beyond, we’d love to meet you. Come explore one of our many opportunities and grow with us! About the Role We are a growing Managed Service Provider expanding our security leadership and building a unified security function across our business. This is a high-priority executive investment with a dual mandate: protect our internal operations and the clients who trust us with their infrastructure, while expanding our security service lines into a strategic revenue driver. You will own our security posture end-to-end, from internal risk and compliance, through our SOC and incident response capability, to client-facing vCISO engagements and the security products we bring to market. You will inherit a capable security team and have a direct line to the CTO and executive leadership. This is an ideal opportunity for a security leader with 7–10 years of experience ready to define what good looks like at a maturing MSP. What You'll Own Internal Security & Compliance Define and execute the enterprise information security strategy activities, roadmap, and budget. Own the internal risk management program: threat management, vulnerability management, access governance, and third-party risk. Lead all compliance and audit activities including SOC 2 Type II, and CMMC Level 2 certification. Serve as the executive security voice in client contracts, vendor contracts, security questionnaires, RFP responses and other compliance-related requests. Drive the security awareness and training program across all employees and contractors. Incident Response & SOC Lead the strategy, staffing model, and tooling for our 24x7 Security Operations Center. Own the incident response program: runbooks, tabletop exercises, on-call rotations, and post-incident reviews. Be the executive lead during active security incidents affecting the company or our clients, including customer and regulator communication. Define detection engineering priorities and measure SOC effectiveness with clear KPIs (MTTD, MTTR, false-positive rate). Client-Facing Services (vCISO & GRC) Scale and mature our vCISO service line: delivery methodology, playbooks, solution architecting and senior client relationships. Directly advise our highest-value clients as their fractional CISO on strategy, board reporting, and regulatory posture. Shape our Governance, Risk, and Compliance (GRC) consulting offering, including readiness assessments, policy development, and audit support across SOC 2, HIPAA, CMMC, NIST and other . Partner with Sales to scope security engagements and convert technical credibility into pipeline. Security Product Development Partner with the CTO and Product team to define the roadmap for our security service offerings and any productized security tooling. Translate threat landscape shifts and client pain into product requirements and differentiated offerings. Represent the voice of the security practitioner in architecture and build-vs-buy decisions. Leadership Lead, mentor, and grow the existing security team; make the hiring and structural decisions needed to scale. Report regularly to the CTO and executive team on security posture, risk, and program investment. Represent the company's security practice externally at industry events, in analyst briefings, and with strategic partners. Develop and implement strategics plans that support the integration of acquired security practices and for the organic growth of the existing business in line with corporate goals. Maintain budgetary accountability for the Security Operations Team, and the Security Services Business Revenue. What You Bring Required 7–10 years of security leadershi