vCISO — fractional security leadership
A real CISO, at the cadence you need.
Three tiers, monthly billing, founder-delivered. The vCISO sits on your leadership stand-ups, owns the security roadmap, and shows up when the audit asks who is responsible. No intern-farm, no quarterly check-in theater.
Tiers
Pick the cadence
Most security-mature teams start with Core. Teams in active build (CMMC engagement, SOC 2 prep, board reporting) start with Pro. Embed is for teams that essentially want a part-time CISO seat.
Xpoose vCISO Core
$4,500/mo
Monthly capacity for teams that need a security adult in the room.
- Monthly leadership stand-up
- Quarterly board-facing security update
- Roadmap ownership + prioritization
- On-call for security questions in writing
- Hours / month: 8
- Concurrent cap: 3
Xpoose vCISO Pro
Most teams$6,000/mo
Active build cadence — CMMC, SOC 2, board reporting, vendor reviews.
- Everything in Core
- Quarterly Exposure Scorecard refresh
- Vendor security review (up to 4 / mo)
- Playbook library access
- Consigliere Tuned appliance bundled
- Hours / month: 14
- Concurrent cap: 3
Xpoose vCISO Embed
$12,000/mo
Part-time CISO seat for one client — quarterly on-site.
- Everything in Pro
- Weekly leadership presence
- Quarterly on-site (US continental)
- Direct staff coaching for one named lead
- Dedicated playbook tuning per environment
- Hours / month: 32
- Concurrent cap: 1
Which cadence is yours?
The 30-minute Exposure Call sorts it. We size your security calendar against the load and tell you Core, Pro, or Embed before either of us commits.