Chief Information Security Officer

Position Description

We are seeking a hands-on Chief Information Security Officer (CISO) to lead and execute the company’s cybersecurity program in support of federal government contracts. This is a senior-level individual contributor role with no direct reports, responsible for enterprise-wide information security strategy, compliance, and risk management.

Key Responsibilities

• Serve as the organization’s senior authority on cybersecurity and advise executive leadership on risk and strategy
• Develop, implement, and maintain enterprise-wide security policies, standards, and controls
• Ensure compliance with NIST 800-53, NIST 800-171, CMMC, CMMI, ISO 9K, ISO 20K, ISO 27K, RMF, and other federal requirements
• Manage Authority to Operate (ATO) processes and interface with auditors and assessors
• Conduct risk assessments, vulnerability analysis, and risk mitigation activities
• Oversee incident response planning and execution
• Review proposed system architectures to ensure "Security by Design
• Guide secure architecture across network, cloud, and endpoint environments
• Collaborate with program teams and support security requirements for proposals

Required Qualifications

• Active TS/SCI clearance or ability to obtain
• Bachelor’s degree or equivalent experience
• 10 years of progressive cybersecurity experience
• List of IT and Security certifications
• List and provide experience in Monitoring and secure communications platforms-
• Experience in a government contracting environment
• Strong knowledge of NIST frameworks, RMF, and federal compliance requirements
• Hands-on experience with network, cloud, and endpoint security
• Ability to operate independently without direct reports
• Excellent communication and stakeholder engagement skills

Preferred Qualifications

• CISSP, CISM, or similar certification
• Familiarity with classified environments and SCIF operations