What is a Virtual Security Manager?

A Bulletproof Virtual Security Manager/Virtual CISO (vSM/vCISO) is a way for businesses to access industry-leading cyber security knowledge in a flexible, cost-effective way. By having a seasoned security expert on a monthly retainer, your organisation can benefit from their years of security experience for a fraction of the cost of a dedicated in-house employee.

Instantly access years of security expertise

Instantly access years of security expertise

Retainer-based service for on-going support

Retainer-based service for on-going support

Expert cyber security governance and management

Expert cyber security governance and management

Flexible packages suit your operational business needs

Flexible packages to suit your operational business needs


Strategy, guidance and technical delivery

The service is designed to help business make strategic security decisions and manage their security risks, along with ad hoc help whenever it is needed. As well as advice from an experienced security management professional, the vSM/vCISO service also gives access to a wider virtual security team for hands-on help with specialist cyber security challenges. Unlike strategy-only vSM services, Bulletproof can provide technical implementation support for a variety of platforms and technologies.

Download our VSM Data Sheet

Expertise in every area of cyber security

Bulletproof offer the full range of technical and strategic cyber security services, including:

  • Cyber security leadership and guidance
  • Compliance management
  • Risk lifecycle management
  • Development of security policies, processes, and procedures
  • Incident response planning and implementation
  • Training and awareness
  • Security and risk assessments
  • Internal and external audit support
  • Operational and project-based guidance
  • Data protection guidance
  • And more


Integrated cyber security services

Your Bulletproof virtual CISO can also manage additional cyber security services for a comprehensive cyber threat protection package. This covers the full range of Bulletproof services, from periodic penetration testing and 24/7 security monitoring to compliance engagements like GDPR and ISO 27001.

  • Bulletproof are CREST approved

    CREST approved

  • Bulletproof are ISO 27001 and 9001 certified

    ISO 27001 and 9001 certified

  • Bulletproof are Tigerscheme qualified testers

    Tigerscheme qualified testers

  • Bulletproof are a PCI DSS v3.2 Level 1 service provider

    PCI DSS v3.2 Level 1
    service provider

  • Bulletproof have 24/7 on-site Security Operations Centre

    24/7 on-site Security
    Operations Centre

Frequently asked questions

What’s the difference between vCISO and vSM?

A vCISO or Virtual Chief Information Security Officer and a Virtual Security Manager are very similar positions in that they provide information security advice to businesses on a retainer basis and respond to Ad hoc requirements. Businesses will tend to get more out of a vCISO as they will go beyond a purely advisory role and oversee implementation projects and maintenance.

What are the benefits of a virtual security manager or virtual ciso?

A virtual Ciso or VSM are less costly than a dedicated member of staff. Working on a retainer basis companies can often quote a price based on your business’s current need. A vCISO is often the best choice for smaller businesses and start-ups who have a need for their skills and knowledge, but not do not require a dedicated member of in-house staff.

What are the day-to-day duties of a vCISO?

On any given day a vCISO or VSM could be doing something entirely different. In Mostly, they operate in an advisory capacity, or can act as a project manager overseeing an implementation or upgrade project. They may choose to evaluate your current technology set up and suggest improvements or changes, they can assign work to the relevant team and advise on future plans.

Get a quote today

If you’re interested in our services, get a free, no obligation quote today by filling out the form below.