Bestkaam Logo
Back to Jobs
Verixa

Fractional CISO (Regulated SaaS)

Actively Reviewing

Verixa

Coimbatore Full-Time 15–25 yrs exp Posted 8 hours ago  · Apply by Sep 14, 2026

Navira Quality Systems (Verixa platform) · Remote (India-led) · Fractional / Part-Time

Part-time security leadership · ISO 27001 & SOC 2 · 9–12 month retainer · ~4–6 days/month · Remote


About Navira Quality Systems:


Navira Quality Systems is the company behind Verixa — an AI-governed Quality Management System (eQMS) purpose-built for pharmaceutical, biotech, and other regulated life-sciences organisations. Verixa brings validation, quality, documentation, and audit-readiness into one modern, compliant platform designed around 21 CFR Part 11, EU Annex 11, ISO, and emerging AI-governance expectations. We are a focused, fast-moving team building software where quality and trust are the product.


About The Role:


We're looking for a hands-on Fractional CISO to own our information-security program end-to-end and drive Verixa to ISO 27001 and SOC 2 readiness. Verixa's technical security controls are already strong and implemented in code; your mandate is to build the management system around them — policies, risk management, evidence, and governance — and lead the organisation through certification.


What You'll Do:


  • Own the ISO 27001 readiness program: ISMS scope, Statement of Applicability, information-security risk register and treatment plan, asset inventory, and the supporting policy suite.
  • Own SOC 2 Type I readiness: system description, management assertion, evidence pack, and auditor selection.
  • Drive the security evidence program: access reviews, restore/DR and incident-response tabletops, training, vendor/subprocessor risk and DPAs, and monitoring.
  • Direct penetration-test defect remediation and formal risk-acceptance decisions, with retest sign-off.
  • Select and manage the certification body (ISO) and CPA firm (SOC 2), targeting a combined-audit path where possible.
  • Act as security counterpart for design-partner due diligence — security questionnaires and trust narrative.
  • Run a quarterly security review with the leadership team.


What we are Looking for?


  • 10+ years in information security, including 2+ ISO 27001 certifications led as implementer/CISO (not audit-only).
  • SOC 2 program ownership.
  • Fluency across a modern SaaS / cloud-native stack.
  • Strong security-policy authorship and vendor/subprocessor risk-program experience.


Nice to Have:


  • Regulated life-sciences or GxP SaaS exposure.
  • ISO 42001 / AI-governance awareness.
  • Working knowledge of India's DPDP Act 2023 and GDPR.
  • Experience presenting to enterprise pharma procurement / security teams.


Engagement Details:


  • Fractional engagement on a monthly retainer (part-time security leadership).
  • Term: 9–12 months through the certification window; 30-day notice.
  • Commitment: ~4–6 days/month during the build, ~2–3 days/month in steady-state; occasional US audit-facing hours.
  • Location: remote-first, India-led.
  • Compensation: competitive retainer, commensurate with experience.
  • A confidentiality agreement (NDA) is signed before access is granted.


Why This Role?


Own a certification program from scratch on a platform where security is central to the value proposition. It's a high-autonomy, high-impact fractional mandate for a builder who has taken organisations through ISO and SOC 2 before.


How to Apply?


Send your CV/profile and a short note on relevant experience to [email protected] with the subject line “Fractional CISO – Verixa”, or apply directly through this LinkedIn post. We review applications on a rolling basis.


Navira Quality Systems is an equal-opportunity organisation. We welcome applicants of all backgrounds and are committed to a fair, inclusive hiring process.