Fintech Virtual CISO

RJ Russell, Fintech Virtual CISO

RJ Russell is the Fintech Virtual CISO helping financial services clients with their cybersecurity program. Before RJ’s Fintech Virtual CISO career, he helped Charles River Development, a financial software company, with their SaaS clients for eight years. There, he oversaw L2 and L3 infrastructure operations for their global investment management system.

RJ has worked with a multitude of customers in the finance industry, including commercial banks, mutual funds, pension boards, private wealth and other institutional investment firms, who used the Charles River SaaS platform to manage their portfolios. RJ’s teams were responsible for engineering and operations of all Test, Production and Disaster Recovery systems — including networks & firewalls, virtualization, guest OS, databases, storage, identity management, and cybersecurity.

Having spent his entire career in operations from engineer to manager, RJ strongly appreciates the struggle with the reality of the operations side of security. He understands how hard it is to manage responsibilities, like keeping systems patched or getting firewall rules under control.

He empathizes with Fractional CISO clients because he’s been in their shoes.

RJ knows how the security culture operates within large finance organizations and can navigate the unavoidable internal politics. His experience with Fintech security and compliance goes a long way to help the companies we work with.

RJ’s LinkedIn profile is here.

Fintech Virtual CISO Difference

Compared to other providers, our Fintech Virtual CISO services have four key differentiators that result in a high quality, cost effective solution:

  1. We develop tailored solutions to meet our clients’ needs, as we are not tied to any vendor.
  2. We engage clients with high-value interactions and partner with several best of breed solutions to maximize client value.
  3. We incorporate a quantitative approach by helping our clients invest wisely based on their budget and risk tolerance.
  4. We incorporate a team approach in which at least two team members are assigned to every project. Our clients gain higher availability, broader skillsets, and the ability to deliver content in parallel.
Fintech Virtual CISO offering

What does a typical Fintech Virtual CISO engagement look like?

A typical engagement with Fractional CISO consists of the following:

  • Understanding where the Fintech client fits in the financial marketplace and assessing the organization’s cyber risk tolerance.
  • Gap assessment of the organization to better understand what their key cybersecurity needs are.
  • Helping Fintech clients prepare for and maintain their PCI DSS (Payment Card Industry Data Security Standard) certification.
  • Cybersecurity plan for buy-in by senior management.
  • Roll out of a cybersecurity program to the Fintech organization, which includes:
    • Focus on people, process, technology, and training.
    • Vendor management.
    • Managing IT’s security whether internal or outsourced.
    • Product focus, especially for SaaS offerings.
  • Risk Assessments to evaluate where the greatest cybersecurity threats are to an organization
  • Building Compliance and audit strategy for whatever standards and certifications are required.
  • Addressing all cybersecurity-related financial compliance requirements.
  • Answer customer security questionnaires.
  • Proactively address customer security issues with whitepapers and RFP templates.
  • Communicating cybersecurity program across the organization including to senior management and board.

Fintech Virtual CISO customized services

While the services above will go a long way to improve your cybersecurity posture, some Fintech companies require help executing specific projects or providing customized services.

Customized services may include a corporate or product security strategy, or it might be a Vulnerability Management program or Incident program management.

A Fintech Virtual CISO can also help you throughout the entire security lifecycle of your SaaS offering and optimize the security of your infrastructure.

Going Above and Beyond

Need help telling your security story to close a deal? Do your prospects require you to follow a cybersecurity standard?

The Fintech industry is more regulated than many others, and we can help you navigate the many rules and regulations.

We’ll work with you on all types of go-to-market activities. We’ll even provide the security marketing content.

Finally, we can also:

  • Have expert security discussions with your customers (including the option of company badged information security consultants)
  • Prepare Request for Proposal (RFP) / Request for Information (RFI) answers for security questions
  • Provide security clause contract drafting and review (in conjunction with your legal team)
  • Provide security messaging documents and white papers for your business

Want to learn more about hiring a Fintech Virtual CISO?

To get a good sense about our how we work, sign up for our newsletter for business leaders. It is a once monthly email. We will ONLY send it once a month. Sign up here: