CISO on Part-Time — Senior Expertise, Junior Budget

Strategic cybersecurity leadership without full-time salary overhead.

We deliver CISO-level expertise for 2-8 days per month — at a fraction of full-time cost. Andrzej Gab (Deputy CISO VeloBank, CCIE Security) or Zygmunt Gorszczyński (EY Hub Leader, ISO 27001 Lead Auditor) join your organization as strategic security leader. You oversee SOC/IT teams, advise the board, manage compliance and incidents.

A full-time CISO with 15-20 years of experience costs 30-50k PLN gross per month + benefits + recruitment. For many organizations, this is an unaffordable or unjustifiable investment. Fractional CISO is an alternative — you get senior cybersecurity leadership but pay only for actual working days.

Andrzej Gab built the security function at VeloBank as Deputy CISO — from SOC team recruitment through tool deployment to incident management and regulator relations (KNF). He holds CCIE Security, CISSP, CCSP certifications and has practical experience in banking, maritime cyber and international project management.

Zygmunt Gorszczyński, as Hub Leader at EY, led teams on compliance projects for financial, energy and defense sector clients. He is ISO 27001 Lead Auditor with Top Secret clearance and specializes in governance, audits and regulator relations.

Fractional CISO is not a “per-project” consultant — they’re a member of your management team who participates in meetings, oversees implementations, manages IT/SOC teams and represents the organization before auditors. We work 2-8 days per month (based on your needs), remotely or on-site, with flexible scope adjustment.

Engagement model: monthly retainer (8-25k PLN depending on days) + availability for critical incidents. Minimum commitment: 3 months (organization onboarding period).

Benefits

  • CISO-level expertise at a fraction of cost — pay 8-25k PLN/month instead of 30-50k for full-time + benefits
  • Senior expertise immediately, no recruitment — Andrzej (bank Deputy CISO) or Zygmunt (EY Hub Leader) available within 2 weeks
  • Strategy plus operations — not just advice, but actual team management, project delivery, auditor relations
  • Flexible scope — 2-8 days/month based on needs, ability to scale up during critical periods (audits, incidents)
  • Incident availability — in case of crisis (cyberattack, regulatory audit) we increase availability without additional formalities

For Whom

  • Companies 50-500 people without CISO — you need strategic cybersecurity leadership but full-time is overkill
  • Organizations in security transformation — rolling out ISO 27001, building SOC, undergoing NIS-2 audit — need CISO oversight
  • Companies post-staff rotation — your CISO left, recruitment is ongoing, you need experienced interim leader

What We Deliver

  • Strategic security function management — IT/SOC team oversight, project prioritization
  • Board reporting — monthly security status reports, metrics, recommendations
  • Compliance management — oversight of certifications (ISO 27001), audits, regulator relations
  • Incident management — incident response process leadership, board and client communication
  • Roadmap and budgeting — cybersecurity investment planning, vendor evaluation, deployment oversight

Schedule Fractional CISO Call — Let’s discuss your organization’s needs, we’ll align scope and engagement model.

Interested?

Schedule a free consultation — let's discuss your needs.

Contact Us
Back to homepage