Director of Cybersecurity Defense – U.S. Federal Programs (US Federal)

About The Position

Requirements

• 10+ years of progressive experience in cybersecurity, with at least 5 years leading security teams or programs.
• Demonstrated experience managing cybersecurity for U.S. Federal Government programs, agencies, or contractors.
• In-depth knowledge of key federal cybersecurity frameworks and regulations, including:
• NIST RMF and NIST SP 800-53
• NIST Cybersecurity Framework (CSF)
• FISMA, FedRAMP, IL (if applicable to your environment)
• Relevant OMB, DHS/CISA, and agency-specific guidance
• Proven experience leading security authorization/ATO processes and continuous monitoring activities for Federal systems.
• Strong understanding of modern enterprise and cloud security, including Zero Trust, identity-centric security, network segmentation, endpoint security, and secure software development.
• Demonstrated success in incident management, including coordination with internal stakeholders and, where applicable, federal authorities.

Nice To Haves

• Bachelor’s degree in Computer Science, Information Security, Engineering, or related field; or equivalent work experience.
• Advanced degree (Master’s) in Cybersecurity, Information Assurance, or related discipline.
• Relevant security certifications such as CISSP, CISM, CISA, CCSP, GIAC (e.g., GSEC, GCIA, GCIH), or equivalent.
• Experience with major cloud service providers (e.g., AWS, Azure, Google Cloud) and associated federal offerings (e.g., GovCloud, IL environments).
• Experience working with or within agencies such as DoD, DHS, DOJ, Treasury, or Intelligence Community.
• Background in secure system architecture, security engineering, or threat intelligence focused on nation-state and advanced threats.
• Experience supporting proposal development, customer briefings, and formal audits/assessments.
• Strong leadership and people management skills, with the ability to inspire and develop a high-performing team.
• Excellent written and verbal communication skills, including the ability to convey complex risk and security topics succinctly.
• Strategic and analytical thinker with a bias for action and the ability to prioritize in a dynamic environment.
• Collaborative, customer-focused mindset with the ability to build trust and credibility with Federal stakeholders.
• High integrity, sound judgment, and a strong sense of accountability and mission orientation.

Responsibilities

• Define and execute the cybersecurity defense strategy for U.S. Federal programs aligned with organizational objectives, risk appetite, and regulatory requirements.
• Establish and lead cybersecurity defense for Federal work, including policies, standards, and procedures that meet or exceed federal expectations.
• Provide regular reporting on risk posture, incidents, and compliance status to executive leadership and Federal stakeholders.
• Support the implementation and ongoing operation of federal cybersecurity frameworks including NIST RMF, NIST SP 800-53, NIST CSF, and ISO/industry best practices as applicable.
• Oversee and maintain compliance with FISMA, FedRAMP (if relevant), DoD IL4+, and other applicable federal regulations, directives, and agency-specific requirements.
• Support the security authorization/accreditation activities relevant to Cyber Defense operations (e.g., ATO processes), including control selection, implementation, continuous monitoring, and Plan of Action and Milestones (POA&M) management.
• Manage third-party risk for vendors and partners supporting Federal programs, ensuring they meet required security standards.
• Oversee day-to-day cybersecurity operations for Federal environments, including monitoring, detection, incident response, and threat hunting.
• Develop and maintain incident response plans and playbooks in alignment with federal requirements, ensuring timely reporting and coordination with applicable agencies.
• Coordinate cross-functional response to security incidents impacting Federal systems, from triage and containment through eradication, recovery, and lessons learned.
• Partner with enterprise SOC, IR, and threat intelligence teams to ensure Federal-specific threats and requirements are fully addressed.
• Provide architectural input and direction for secure design, implementation, and operation of systems that support Federal customers (on-premises, cloud, and hybrid).
• Champion Zero Trust principles and modern security architectures tailored to Federal requirements and guidance (e.g., OMB, CISA).
• Guide security technologies such as IAM, PAM, EDR/XDR, SIEM, encryption, data loss prevention, vulnerability management, and configuration management.
• Ensure security is integrated into system development lifecycles (DevSecOps) and CI/CD pipelines supporting Federal programs.
• Build, lead, and mentor a multidisciplinary cybersecurity team (e.g., security engineers, analysts, architects, compliance specialists) supporting Federal customers.
• Set clear goals, performance expectations, and development plans to foster a culture of high performance, accountability, and continuous improvement.
• Promote collaboration with engineering, operations, legal, compliance, and program management teams.
• Drive a security-aware culture across all teams working on Federal programs through communication and engagement.
• Represent cybersecurity in engagements with Federal customers, auditors, inspectors general, and regulatory bodies.
• Support business development and capture activities by contributing to proposals, RFP responses, and customer presentations related to security capabilities.
• Communicate complex security and risk topics in clear, business-relevant language to technical and non-technical audiences.