Chief Information Security Officer

Advanced IT Concepts LLC
Reston, VA
Remote

About The Position

The Chief Information Security Officer is responsible for leading the organization’s enterprise-wide cybersecurity strategy, governance, risk management, and compliance program within a government contracting environment. This executive role is accountable for safeguarding Federal Contract Information and Controlled Unclassified Information, aligning security operations with business objectives, and ensuring readiness for customer, regulatory, and third-party assessments. The position requires demonstrated experience leading Cybersecurity Maturity Model Certification implementation efforts and sustaining compliance with applicable Department of Defense cybersecurity requirements.

Company Overview

Advanced IT Concepts is a fast-growing, proven Information Technology Company focused on Network and Systems Engineering and Integration, Professional Services, Medical Simulation, Test and Training Systems, and end-to-end product and technology solutions. We support Federal, State, and Local Government customers with expertise in Information Systems Design, Cybersecurity, Strategic Planning, Program and Project Management, Security Risk Assessment, and Logistics. Advanced IT is an ISO 9001:2015 certified company. All employees are required to be aware of and adhere to Advanced IT’s established quality standards, policies, and procedures.

Requirements

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
  • 10+ years of progressive experience in cybersecurity, information security, or IT risk management, including senior leadership responsibility.
  • Direct experience in a government contracting, defense industrial base, or regulated federal environment.
  • Demonstrated experience leading or materially supporting Cybersecurity Maturity Model Certification implementation, assessment readiness, and ongoing compliance sustainment.
  • Strong working knowledge of NIST SP 800-171, security control assessment practices, and the protection of Controlled Unclassified Information.
  • Experience with DFARS cybersecurity requirements, security documentation, risk remediation planning, and supplier or third-party security oversight.
  • Experience maintaining system security plans, plans of action and milestones, compliance evidence, and executive-facing risk and compliance reporting.
  • Proven ability to communicate security, compliance, and business risk to executives, program leaders, auditors, and non-technical stakeholders.

Nice To Haves

  • Master’s degree in Cybersecurity, Information Systems, Business Administration, or a related discipline.
  • Professional certifications such as CISSP, CISM, CRISC, or equivalent.
  • Experience preparing for or supporting independent assessments in support of CMMC Level 2 or similar compliance frameworks.
  • Knowledge of SPRS reporting, contractor assessment workflows, secure enclave design, and cloud security within federal contracting environments.
  • Experience with security requirements flowing to subcontractors, vendors, and business partners in a government contracting supply chain.
  • Experience supporting business development, proposal responses, and customer discussions related to cybersecurity posture and compliance maturity.

Responsibilities

  • Lead the enterprise cybersecurity strategy and operating model for a government contracting organization supporting federal and defense-related work.
  • Direct implementation, maturation, and sustainment of the Cybersecurity Maturity Model Certification program across the organization.
  • Oversee the protection of Federal Contract Information and Controlled Unclassified Information across systems, networks, cloud environments, endpoints, and third-party relationships.
  • Ensure alignment with applicable contractual, regulatory, and security requirements, including DFARS cybersecurity clauses and NIST-based control frameworks.
  • Lead development and maintenance of security governance, policies, standards, procedures, and evidence needed for assessments and audits.
  • Own enterprise assessment readiness, including system scoping, gap analysis, remediation planning, evidence collection, and executive reporting.
  • Oversee system security plans, plans of action and milestones, risk registers, and continuous monitoring activities.
  • Coordinate internal stakeholders, external assessors, managed service providers, and program teams to drive compliant and sustainable security operations.
  • Lead cyber incident response, escalation, reporting, recovery, and post-incident improvement activities in accordance with contractual and operational requirements.
  • Provide executive and board-level reporting on cyber risk, compliance posture, assessment readiness, and remediation progress.
  • Build and lead a high-performing security and compliance team capable of supporting growth, audit readiness, and secure contract execution.

Benefits

  • Competitive compensation
  • Comprehensive benefits package