FractionalQuest
fractional.questHire a CISO
Hire a Fractional CISO · Fractional CISO Jobs UK

Fractional CISO jobs
UK on your terms.

Browse live UK fractional CISO jobs and security mandates graded on rate, fit and IR35. Set your certifications once; get matched to companies actively hiring. Build your portfolio career.

Open the console →What could you earn?
£1,275 median2 days typicalOutside IR35Compliance & risk
~/ciso-missionslive
scanning your matches…
CISO
FinTech, FCA compliance
LONDON · 2D/WK · REGULATED
£1,650
FIT 97
CISO
Scale-up, ISO 27001 cert
MANCHESTER · 2D/WK · GROWTH
£1,200
FIT 94
vCISO
SaaS, SOC 2 Type II
BRISTOL · 1D/WK · COMPLIANCE
£1,100
FIT 90
CISO
Healthcare, NHS DSP Toolkit
EDINBURGH · 3D/WK · HEALTHCARE
£1,400
FIT 88
SEC
Post-breach recovery
LEEDS · 3D/WK · INCIDENT
£1,500
FIT 85
avg time to first match48h
£1.275k
Median CISO day rate
48h
Avg brief to shortlist
2d
Typical weekly cadence
156
CISO placements tracked
01 / definition

What is a fractional CISO?

Part-time Chief Information Security Officer jobs UK. Not a consultant, not an MSSP: the CISO, 1–3 days a week.

01

Part-time

01 · cadence

A chief information security officer, 1–3 days a week.

Senior, certified CISO capability across a defined slice of the week. You get the security leadership you need without a full-time salary or a five-day commitment.

2 daystypical cadence
02

Embedded

03

Outside IR35

04

Time-bound

02 / scope

CISO responsibilities

What fractional CISOs own versus what they delegate.

OWNS

  • Security strategy & roadmap
  • Risk register & appetite
  • Compliance programmes (ISO, SOC 2)
  • Incident response planning
  • Board reporting & metrics
  • Security team structure
  • Vendor selection & management
  • Policy & governance framework

× DELEGATES

  • 24/7 SOC monitoring
  • Hands-on penetration testing
  • Day-to-day ticket resolution
  • Firewall configuration
  • Vulnerability patching
  • Security awareness training delivery
  • Log analysis & SIEM tuning
  • Identity management operations
ISO 27001SOC 2GDPRRisk ManagementIncident ResponseCloud SecurityZero TrustBoard Reporting
03 / alternatives

Fractional CISO vs alternatives

How a fractional CISO compares to other security solutions.

Fractional CISO
Virtual CISO
Model
On-site + remote hybrid
Fully remote typically
Presence
Board meetings in person
Video calls only
Integration
Embedded in leadership
External advisor
Accountability
Named risk owner
Advisory role
Best for
Regulated industries
SMEs & startups
Fractional CISO = embedded leadership. Virtual CISO = remote advisory.
04 / economics

CISO rates by sector

Day rates vary with regulatory requirements and company complexity.

SectorTypical scenarioDay rate rangeMedian
SME/StartupFirst security hire, basic compliance£700–£900£800
Scale-upISO 27001, SOC 2, growing team£900–£1,350£1,125
EnterpriseComplex estate, multi-framework£1,350–£1,650£1,500
RegulatedFinancial services, healthcare£1,650–£2,500£2,075
component · calculator
05 / economics

What could you earn?

Model the cost vs a full-time CISO, or what you could earn across your portfolio.

Day rate £1,275
Days per week2 days
Working weeks / year46 weeks
Your £1,275/day sits at the 58th percentile for UK fractional CISOs 900–£1,650 band).
Your potential
£117,300
From 2 days/week · 46 weeks · before tax
Annual fractional income
Gross billings£117,300
Per mandate (2d/wk)£58,650
FTE equivalent*£208,208
Browse mandates →
* Rough full-time equivalent assuming employer NI + benefits load. Indicative, not tax advice.
06 / decision

When to hire a fractional CISO

Four scenarios where fractional CISO jobs deliver highest impact for UK businesses.

scenario 1

Compliance deadline

ISO 27001, SOC 2, or sector-specific cert needed for growth or contract.

→ 6-month certification sprint
→ Need credible leadership
→ Board needs assurance
scenario 2

Post-incident recovery

Breach happened. Need credible leadership to rebuild trust and programme.

→ Regulator engagement
→ Programme rebuild
→ Board confidence
scenario 3

Regulatory pressure

New regulations (NIS2, DORA, FCA) require board-level security ownership.

→ Named accountability
→ Formal risk ownership
→ Audit readiness
scenario 4

M&A or funding

Due diligence needs credible security leadership and mature programme.

→ Security DD prep
→ Risk quantification
→ Investment protection
07 / structure

IR35 structured correctly

Outside IR35 from day one. No retrospective HMRC risk.

TEST 1

Right of Substitution

The CISO can send a qualified substitute. You contract the limited company, not the individual.

PASSES
TEST 2

Control

They control how, when and where they deliver. You define outcomes, not the working pattern.

PASSES
TEST 3

Mutuality

No obligation to offer or accept work beyond the agreed mandate. True contractor relationship.

PASSES
08 / process

How we vet CISOs

Every fractional CISO is verified across four dimensions before they reach you.

01

Security credibility

Verify real track record leading security at your stage — not just audit or pen-testing background.

SOURCING
02

Certification check

Validate certs (CISSP, CISM, sector-specific) and ongoing CPE compliance.

VERIFICATION
03

Reference validation

Speak to recent fractional clients, boards. Real outcomes, not just tenure.

DUE DILIGENCE
04

Shortlist delivery

3–5 candidates, each with rate percentile, fit score and IR35 structure.

48 HOURS
09 / questions

Fractional CISO FAQ

Common questions about hiring and working as a fractional CISO.

Is fractional CISO work viable?
Yes — growing demand as regulations tighten (GDPR, NIS2, DORA) and boards need credible security leadership without full-time cost.
What can I earn as a fractional CISO?
At ~£1,275/day, two days a week across 46 weeks is ~£117K from one client — and most operators run 2–3 mandates. The calculator above models it.
Do I need specific certifications?
CISSP or CISM are table stakes. Sector-specific certs (ISO 27001 Lead, QSA, CISA) command premium rates. But track record matters most.
What sectors have highest demand?
Financial services, healthcare, and SaaS lead demand. Any company processing cards (PCI DSS) or personal data at scale needs credible security leadership.
How are mandates matched to me?
By sector, certifications, and your availability — each graded on rate percentile, fit and IR35 so you choose with full context.
10 / resources

Related resources

Deep dives on fractional CISO topics.

/fractional-ciso-cost

CISO Cost Analysis

Detailed breakdown of fractional CISO rates, cost comparisons, and ROI calculations.

/virtual-ciso-jobs-uk

Virtual CISO Roles

How virtual CISO placements differ from fractional — remote-first model explained.

/interim-ciso-jobs-uk

Interim CISO Jobs

Short-term security leadership for crisis response and transformation projects.

Book a meeting