
Chief Information Security Officer
Posted 1 hour ago

Posted 1 hour ago
This is a fully remote position, open to applicants in United States.
• Formulate and implement a comprehensive information security strategy across the enterprise, managing risk, governance, compliance, and threat mitigation to safeguard highly sensitive data, intellectual property, customer environments, and the infrastructure of Mission Hero.
• Act as the executive authority on risk within the organization, making final decisions regarding security posture with enterprise-wide implications, and serving as the primary advisor to the CEO and senior leadership on matters of cyber risk, emerging threats, and business impacts.
• Collaborate with the CEO, General Counsel, and business development leaders to synchronize security investments with contractual obligations, growth goals, and mission priorities.
• Represent Defense Unicorns' security stance in engagements with customers, during contract negotiations, governmental interactions, and partnership discussions.
• Provide oversight to the Director of Security Compliance and Director of Information Technology, ensuring alignment between compliance responsibilities, IT infrastructure, and security operations.
• Cultivate a collaborative security culture focused on mission success, empowering Unicorns to act swiftly while minimizing risks to the business and our customers.
• Develop and implement a strategy for the responsible, cross-functional use of AI that enables Unicorns while maintaining a verifiable information security posture.
• Adjust Defense Unicorns' application security processes to adapt to the realities of AI-driven threat hunting, managing and scaling bug triage and/or bounty programs that align with Open Source software practices and responsible disclosure trends.
• Design and enhance defensive security tools that empower teams to adopt a proactive stance and protect themselves and their outputs from emerging threats, including software supply chain security, advanced security hunting, and sophisticated foreign adversaries.
• Lead initiatives to protect production infrastructure, cloud services, and mission-critical systems from advanced cyber threats, ensuring resilience, regulatory compliance, and alignment with strategic business goals.
• Establish and lead a high-performing security engineering team responsible for securing Defense Unicorns' production environments and customer-facing platforms, covering architecture, hardening, threat detection, and defensive measures across cloud, hybrid, and on-premise infrastructures.
• Direct the strategy for security architecture and infrastructure protection at scale, defining the technical vision while empowering the Director of IT for execution.
• Promote the automation of security processes to enhance mean time to detection and containment, while driving continuous improvement in security operations.
• Act as the executive sponsor for the Incident Response program, ensuring readiness of cross-training, playbook development, and compliance with DFARS 252.204-7012 government notification requirements.
• Manage the enterprise Governance, Risk, and Compliance (GRC) framework, establishing policy standards, defining residual risk thresholds, and ensuring accountability across organizational divisions.
• Provide executive sponsorship for the CMMC Level 2 compliance program, overseeing accountability for DFARS 252.204-7012 and 7021 posture, POA&M governance, and C3PAO assessment readiness across all contract vehicles.
• Supervise the third-party risk management (TPRM) program and supply chain risk management in accordance with NIST SP 800-161, holding final authority on technology investments with compliance implications.
• Serve as the executive point of contact for government regulatory agencies, C3PAO assessors, and auditors.
• Regularly report on cyber risk posture, program health, and compliance status to senior leadership.
• Foster a security-conscious culture throughout the organization, treating security as a facilitator of missions rather than a hindrance.
• Lead enterprise security awareness and training initiatives, ensuring that all Unicorns and contractors comprehend their roles in upholding the company's security posture.
• Clearly convey complex security concepts to diverse audiences, including engineers, operators, executives, board members, and government representatives.
• Advocate for risk-informed decision-making at all organizational levels, empowering teams to operate confidently within well-defined parameters.
• Extensive experience in cybersecurity, information assurance, or a related field, with a proven track record in a senior leadership or executive role.
• In-depth, hands-on knowledge of CMMC Level 2 requirements and NIST SP 800-171; capable of overseeing a comprehensive System Security Plan (SSP) and full assessment objective coverage.
• Proven experience in leading a DoD contractor compliance program, including obligations related to DFARS 252.204-7012, SPRS reporting, and SAM.gov.
• Demonstrated capability to lead, manage, and develop high-performing security and IT teams, including direct oversight of director-level reports.
• Experience in owning or providing executive oversight for an Incident Response function, inclusive of government reporting requirements.
• Strong skills in Governance, Risk, and Compliance (GRC) and policy governance; ability to establish and maintain a compliance operations model that withstands organizational growth and transition.
• Outstanding communication abilities, capable of translating complex regulatory and technical requirements into clear strategic guidance for engineers, operators, executives, and external stakeholders.
• Active DoD TS/SCI security clearance.
• Medical/Dental/Vision
• Premiums are 100% Company Paid
• Health Savings Account
• Life Insurance
• Disability Insurance
• 401k Retirement Plan
• Company Stock Options
• Home Office Budget
• We offer all full-time Unicorns Flexible Time Off (FTO) plus all Federal Holidays, one week for Thanksgiving, and two weeks for Christmas and New Year’s
• Paid Parental Leave
• Reimbursement for approved trainings/subscriptions
• Conferences (travel, lodging, and fees)
Softgic
AttackIQ
DigitalOcean
Masabi
Get handpicked remote jobs straight to your inbox weekly.