Remotery

Chief Information Security Officer

Posted 1 hour ago

This is a fully remote position, open to applicants in United States.

📋 Description

• Formulate and implement a comprehensive information security strategy across the enterprise, managing risk, governance, compliance, and threat mitigation to safeguard highly sensitive data, intellectual property, customer environments, and the infrastructure of Mission Hero.

• Act as the executive authority on risk within the organization, making final decisions regarding security posture with enterprise-wide implications, and serving as the primary advisor to the CEO and senior leadership on matters of cyber risk, emerging threats, and business impacts.

• Collaborate with the CEO, General Counsel, and business development leaders to synchronize security investments with contractual obligations, growth goals, and mission priorities.

• Represent Defense Unicorns' security stance in engagements with customers, during contract negotiations, governmental interactions, and partnership discussions.

• Provide oversight to the Director of Security Compliance and Director of Information Technology, ensuring alignment between compliance responsibilities, IT infrastructure, and security operations.

• Cultivate a collaborative security culture focused on mission success, empowering Unicorns to act swiftly while minimizing risks to the business and our customers.

• Develop and implement a strategy for the responsible, cross-functional use of AI that enables Unicorns while maintaining a verifiable information security posture.

• Adjust Defense Unicorns' application security processes to adapt to the realities of AI-driven threat hunting, managing and scaling bug triage and/or bounty programs that align with Open Source software practices and responsible disclosure trends.

• Design and enhance defensive security tools that empower teams to adopt a proactive stance and protect themselves and their outputs from emerging threats, including software supply chain security, advanced security hunting, and sophisticated foreign adversaries.

• Lead initiatives to protect production infrastructure, cloud services, and mission-critical systems from advanced cyber threats, ensuring resilience, regulatory compliance, and alignment with strategic business goals.

• Establish and lead a high-performing security engineering team responsible for securing Defense Unicorns' production environments and customer-facing platforms, covering architecture, hardening, threat detection, and defensive measures across cloud, hybrid, and on-premise infrastructures.

• Direct the strategy for security architecture and infrastructure protection at scale, defining the technical vision while empowering the Director of IT for execution.

• Promote the automation of security processes to enhance mean time to detection and containment, while driving continuous improvement in security operations.

• Act as the executive sponsor for the Incident Response program, ensuring readiness of cross-training, playbook development, and compliance with DFARS 252.204-7012 government notification requirements.

• Manage the enterprise Governance, Risk, and Compliance (GRC) framework, establishing policy standards, defining residual risk thresholds, and ensuring accountability across organizational divisions.

• Provide executive sponsorship for the CMMC Level 2 compliance program, overseeing accountability for DFARS 252.204-7012 and 7021 posture, POA&M governance, and C3PAO assessment readiness across all contract vehicles.

• Supervise the third-party risk management (TPRM) program and supply chain risk management in accordance with NIST SP 800-161, holding final authority on technology investments with compliance implications.

• Serve as the executive point of contact for government regulatory agencies, C3PAO assessors, and auditors.

• Regularly report on cyber risk posture, program health, and compliance status to senior leadership.

• Foster a security-conscious culture throughout the organization, treating security as a facilitator of missions rather than a hindrance.

• Lead enterprise security awareness and training initiatives, ensuring that all Unicorns and contractors comprehend their roles in upholding the company's security posture.

• Clearly convey complex security concepts to diverse audiences, including engineers, operators, executives, board members, and government representatives.

• Advocate for risk-informed decision-making at all organizational levels, empowering teams to operate confidently within well-defined parameters.


⛳️ Requirements

• Extensive experience in cybersecurity, information assurance, or a related field, with a proven track record in a senior leadership or executive role.

• In-depth, hands-on knowledge of CMMC Level 2 requirements and NIST SP 800-171; capable of overseeing a comprehensive System Security Plan (SSP) and full assessment objective coverage.

• Proven experience in leading a DoD contractor compliance program, including obligations related to DFARS 252.204-7012, SPRS reporting, and SAM.gov.

• Demonstrated capability to lead, manage, and develop high-performing security and IT teams, including direct oversight of director-level reports.

• Experience in owning or providing executive oversight for an Incident Response function, inclusive of government reporting requirements.

• Strong skills in Governance, Risk, and Compliance (GRC) and policy governance; ability to establish and maintain a compliance operations model that withstands organizational growth and transition.

• Outstanding communication abilities, capable of translating complex regulatory and technical requirements into clear strategic guidance for engineers, operators, executives, and external stakeholders.

• Active DoD TS/SCI security clearance.


🏝️ Benefits

• Medical/Dental/Vision

• Premiums are 100% Company Paid

• Health Savings Account

• Life Insurance

• Disability Insurance

• 401k Retirement Plan

• Company Stock Options

• Home Office Budget

• We offer all full-time Unicorns Flexible Time Off (FTO) plus all Federal Holidays, one week for Thanksgiving, and two weeks for Christmas and New Year’s

• Paid Parental Leave

• Reimbursement for approved trainings/subscriptions

• Conferences (travel, lodging, and fees)

People also viewed

Softgic1 hour ago

Security Engineer

US flagUnited States OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
AttackIQ1 hour ago

Client Security Advisor

US flagUnited States OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
DigitalOcean1 hour ago

Staff Network Security Engineer

US flagMassachusetts OnlyFull-timeCybersecurity / Security Engineer$168.8k – $211k/year
ApplyView job
Masabi1 hour ago

Head of Security, Compliance

GB flagUnited Kingdom OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
Armor Defense1 hour ago

Security Architect

SG flagSingapore OnlyFull-timeCybersecurity / Security Engineer
ApplyView job
Xenon Seven1 hour ago

AI Cybersecurity Engineer – Offensive Security, Threat Modeling

RS flagSerbia OnlyFreelanceCybersecurity / Security Engineer
ApplyView job

Never miss a great job!

Get handpicked remote jobs straight to your inbox weekly.

Trusted by 7,400+ designers