Director of Information Systems Security (ISSO)

WiredPeople, Inc.•Boston, MA

1d•Remote

About The Position

At WiredPeople, we are dedicated to delivering rapid, responsive, and reliable solutions to our clients across the public and private sectors. We are seeking a highly experienced and strategic Director of Information Systems Security (ISSO) to lead our security and compliance initiatives. In this role, you will play a critical part in safeguarding our information assets and ensuring adherence to complex regulatory frameworks. This position is a full-time and fully remote role. The Director of ISSO will lead a team of Information Systems Security Officers (ISSOs) and cybersecurity professionals to develop, implement, and maintain comprehensive information security and privacy programs. You will be responsible for overseeing risk management, vulnerability assessments, security authorizations, and compliance with federal and state guidelines (including NIST, FISMA, HIPAA, and FedRAMP). The ideal candidate is a strategic leader with deep technical expertise and a proven track record of managing security operations in highly regulated environments.

Requirements

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
10+ years of progressive experience in information security, IT compliance, or cyber risk management.
5+ years of experience in a leadership or management role overseeing security teams.
Extensive hands-on experience managing the NIST RMF and achieving ATOs for complex systems.
Must hold one or more active, industry-recognized senior security certifications (e.g., CISSP, CISM, GSLC, or CISA)
Exceptional understanding of federal and state security compliance frameworks.
Strong executive presence and the ability to communicate complex technical risks to non-technical stakeholders.
Proven ability to operate in a fast-paced environment and deliver reliable results.

Nice To Haves

A Master’s degree is highly preferred.

Responsibilities

Direct and mentor a team of ISSOs, security engineers, and compliance analysts, fostering a culture of continuous improvement and professional development.
Develop and execute the organization's information security strategy in alignment with overarching business goals and client requirements.
Act as the primary point of contact for senior leadership and external stakeholders regarding information systems security posture, risks, and compliance status.
Drive the adoption of "secure-by-design" principles across all enterprise systems and client deliverables.
Oversee the Risk Management Framework (RMF) process, ensuring timely and successful Authorization to Operate (ATO) for all organizational and client systems.
Ensure strict compliance with relevant regulatory standards, including NIST SP 800-53, FISMA, FedRAMP, HIPAA, and DoD IL requirements.
Direct comprehensive risk assessments, vulnerability scanning, and penetration testing activities, and manage the remediation of identified vulnerabilities.
Maintain oversight of Plan of Action and Milestones (POA&M) processes, ensuring risks are mitigated within required timeframes.
Lead the organization's incident response strategy, ensuring rapid detection, containment, and eradication of security threats.
Oversee the continuous monitoring program to ensure ongoing security compliance and threat intelligence integration.
Coordinate with legal, HR, and public relations teams during high-impact security incidents to ensure unified and compliant communication.
Develop, implement, and maintain enterprise-wide security policies, procedures, and System Security Plans (SSPs).
Ensure all system documentation, including Privacy Impact Assessments (PIAs) and Security Assessment Reports (SARs), is accurate and up-to-date.
Design and execute comprehensive security awareness and training programs for all staff and contractors.