Chief Information Security Officer (CISO)

Mission Critical Group
Onsite

About The Position

The Chief Information Security Officer (CISO) is responsible for developing, implementing, and leading the enterprise cybersecurity, information risk management, and compliance strategy across a multi-site manufacturing organization. CISO partners with business leaders, engineering, operations, legal, HR, and executive leadership to protect intellectual property, manufacturing systems, operational technology (OT), industrial control systems (ICS), cloud infrastructure, and enterprise applications while enabling business growth and digital transformation. CISO provides strategic leadership over cybersecurity governance, regulatory compliance, cyber risk, incident response, disaster recovery, identity management, and secure adoption of emerging technologies including AI and cloud platforms. The ideal candidate has extensive experience securing both Information Technology (IT) and Operational Technology (OT) environments within manufacturing.

Requirements

  • Bachelor's degree in Cybersecurity, Computer Science, Information Systems, Engineering, or related field.
  • 15+ years of progressive IT and cybersecurity leadership experience.
  • 8+ years leading enterprise cybersecurity organizations.
  • Experience in securing manufacturing environments.
  • Experience securing Operational Technology (OT).
  • Experience presenting to executive leadership and Boards.
  • Experience leading enterprise incident response.
  • Experience managing cybersecurity budgets exceeding $5M.
  • Strong knowledge of Microsoft enterprise security technologies.

Nice To Haves

  • CISSP
  • CISM
  • CRISC
  • CGEIT
  • CCSP
  • GIAC (GICSP, GRID, GCIA, GREM)
  • Certified Information Systems Auditor (CISA)
  • Microsoft Cybersecurity Architect Expert (SC-100)
  • Azure Security Engineer (AZ-500)
  • Certified Ethical Hacker (CEH)

Responsibilities

  • Develop and execute the enterprise cybersecurity strategy aligned with business objectives.
  • Present cybersecurity risks, metrics, investment strategies, and emerging threats to executive leadership.
  • Build a security-first culture throughout the organization.
  • Develop long-term cybersecurity roadmaps supporting mergers, acquisitions, and business growth.
  • Lead the enterprise security program including: Information Security Governance, Cyber Risk Management, Security Policies and Standards, Enterprise Security Architecture, Third-Party Risk Management, Data Governance, AI Governance, Security Awareness Program, Enterprise Vulnerability Management.
  • Develop security scorecards and executive dashboards to measure organizational risk.
  • Lead security initiatives protecting: Industrial Control Systems (ICS), SCADA Environments, PLC Networks, Manufacturing Execution Systems (MES), Robotics, IoT Devices, Plant Networks, Building Automation Systems.
  • Responsibilities include: Network segmentation, Zero Trust architecture, Secure remote vendor access, Asset inventory, Patch management, OT vulnerability assessments, ICS incident response, Plant cyber resiliency.
  • Provide oversight for: Microsoft 365, Azure, Active Directory / Entra ID, Identity Governance, Privileged Access Management (PAM), Endpoint Detection & Response (EDR), SIEM / SOAR, Email Security, Secure Cloud Architecture, Data Loss Prevention (DLP).
  • Provide oversight for: VPN, Firewalls, Secure Remote Access.
  • Ensure compliance with: NIST Cybersecurity Framework (CSF), NIST SP 800-53, NIST SP 800-171, CMMC Level 2 (if applicable), ISO 27001, SOC 2 Type II, CIS Controls, ITAR, DFARS, GDPR, CCPA, PCI-DSS (where applicable), HIPAA (where applicable).
  • Lead internal and external security audits.
  • Establish enterprise processes for: Cyber Risk Assessments, Business Impact Analysis, Risk Register Management, Vendor Security Reviews, Penetration Testing, Security Architecture Reviews, Application Security, Secure Software Development, M&A Security Due Diligence.
  • Oversee: Security Operations Center (SOC), Incident Response, Threat Hunting, Threat Intelligence, Digital Forensics, Vulnerability Management, Patch Governance, Security Monitoring, Identity Monitoring, Endpoint Protection.
  • Develop and test the Cyber Incident Response Plan.
  • Lead enterprise resiliency programs including: Disaster Recovery, Business Continuity, Cyber Recovery, Ransomware Recovery, Crisis Management, Tabletop Exercises, Executive Incident Simulations.
  • Develop enterprise data protection strategies covering: Intellectual Property, Engineering Designs, CAD Files, ERP Data, Manufacturing Data, Customer Information, Financial Information, Supplier Information.
  • Implement: Data Classification, Encryption, Rights Management, Data Loss Prevention, Secure Collaboration.
  • Provide executive oversight for: AI Governance Program, Secure AI Adoption, LLM Risk Management, AI Vendor Assessments, Responsible AI Policies, AI Data Protection, AI Security Controls, Shadow AI Prevention, AI Risk Assessments.
  • Develop a mature vendor security program including: Security Assessments, Contract Security Requirements, Continuous Monitoring, Supply Chain Risk Management, Software Risk Reviews, Cloud Vendor Governance.
  • Lead and mentor teams responsible for: Security Engineering, Security Operations, Governance, Risk & Compliance (GRC), Identity & Access Management, OT Security, Cloud Security, Security Architecture, Security Awareness, Disaster Recovery.
  • Manage cybersecurity budgets, staffing, strategic planning, and technology investments.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service