Chief Information Security Officer

🕒 6 dias atrás

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

Defense Unicorns

SiteLinkedInTodas as Vagas

51 - 200 funcionários

🔒 Cibersegurança

💰 Seed Round em 2022-10

Defense • Software • Cybersecurity

Defense Unicorns é uma empresa de tecnologia inovadora focada em transformar a forma como o Departamento de Defesa dos EUA (DoD) adquire e implementa capacidades de software críticas para a missão. Através de sua Airgap App Store e do Unicorn Delivery Service (UDS), a Defense Unicorns oferece um mercado centralizado de aplicativos confiáveis e pré-aprovados, projetados para implantações rápidas, seguras e em conformidade nos ambientes mais seguros e complexos do DoD. A empresa enfatiza velocidade e confiabilidade na entrega de software, atendendo a várias missões em domínios como Exército, Marinha, Força Aérea e Força Espacial. A Defense Unicorns enfrenta os desafios únicos do DevSecOps para sistemas de defesa, garantindo adaptabilidade operacional e segurança em implantações de software críticas para a missão.

Descrição

• Develop and execute the enterprise-wide information security strategy, overseeing risk management, governance, compliance, and threat mitigation to protect highly sensitive data, intellectual property, customer environments, and Mission Hero infrastructure. • Serve as the organization's executive risk authority, the final decision-maker on security posture decisions with enterprise-level impact, and primary advisor to the CEO and senior leadership on cyber risk, emerging threats, and business impact. • Partner with the CEO, General Counsel, and business development leadership to align security investments with contract requirements, growth objectives, and mission priorities. • Represent Defense Unicorns' security posture in customer-facing engagements, contract negotiations, government interactions, and partnership discussions. • Provide executive oversight to the Director of Security Compliance and Director of Information Technology, ensuring cohesion between compliance obligations, IT infrastructure, and security operations. • Foster a collaborative, mission-first security culture, one that empowers Unicorns to move fast while minimizing risk to the business and our customers. • Own and execute on a strategy for responsible, cross-cutting AI usage in all functions which enables Unicorns while maintaining a verifiable information security posture. • Adapt Defense Unicorns application security processes to the AI-native threat hunting realities. Operate and scale bug triage and/or bounty programs that are compatible with Open Source software practices and the trends in responsible disclosure. • Build and scale defensive security tooling that enables teams to shift-left and safeguard themselves and their work products, from emergent threats including software supply chain security, advanced security hunting, and advanced foreign actors. • Lead cross-functional efforts to safeguard production infrastructure, cloud platforms, and mission-critical systems against advanced cyber threats, ensuring resilience, regulatory adherence, and alignment with strategic business objectives. • Build and lead a high-performing security engineering function responsible for securing Defense Unicorns' production environments and customer-facing platforms, including architecture, hardening, threat detection, and defensive controls across cloud, hybrid, and on-premise infrastructure. • Direct strategy for security architecture and infrastructure protection at scale, setting the technical vision while empowering the Director of IT to implement. • Champion automation of security processes to reduce mean time to detection and containment, and drive continuous improvement across security operations. • Serve as the executive sponsor for the Incident Response program, ensuring the function is cross-trained, playbook-ready, and compliant with DFARS 252.204-7012 government notification requirements. • Own the enterprise Governance, Risk, and Compliance (GRC) framework, setting policy standards, defining residual risk thresholds, and ensuring accountability across organizational units. • Provide executive sponsorship for the CMMC Level 2 compliance program, maintaining accountability for DFARS 252.204-7012 and 7021 posture, POA&M governance, and C3PAO assessment readiness across all contract vehicles. • Oversee the third-party risk management (TPRM) program and supply chain risk management aligned to NIST SP 800-161, providing final approval authority on technology investments with compliance implications. • Serve as the executive interface for government regulatory agencies, C3PAO assessors, and auditors. • Report on cyber risk posture, program health, and compliance status to senior leadership on a regular cadence. • Build and sustain a security-aware culture across the organization, one that treats security as mission-enabling, not mission-blocking. • Lead enterprise security awareness and training programs, ensuring all Unicorns and contractors understand their role in maintaining the company's security posture. • Communicate complex security concepts clearly to diverse audiences, from engineers and operators to executives, board members, and government stakeholders. • Advocate for risk-informed decision-making at every level, empowering teams to operate confidently within well-understood guardrails.

🎯 Requisitos

• Progressive experience in cybersecurity, information assurance, or a related field, with demonstrated experience in a senior leadership or executive role. • Deep, hands-on familiarity with CMMC Level 2 requirements and NIST SP 800-171; ability to oversee a comprehensive SSP and full assessment objective coverage. • Demonstrated experience leading a DoD contractor compliance program, including DFARS 252.204-7012, SPRS reporting, and SAM.gov obligations. • Proven ability to lead, manage, and develop high-performing security and IT teams, including direct management of director-level reports. • Experience owning or providing executive oversight for an Incident Response function, including government reporting obligations. • Strong GRC and policy governance skills; ability to build and sustain a compliance operations model that is durable through organizational growth and transition. • Exceptional communication skills, able to translate complex regulatory and technical requirements into clear strategic guidance for engineers, operators, executives, and external stakeholders. • Active DoD TS/SCI security clearance.

🏖️ Benefícios

• Medical/Dental/Vision • Premiums are 100% Company Paid • Health Savings Account • Life Insurance • Disability Insurance • 401k Retirement Plan • Company Stock Options • Home Office Budget • We offer all full-time Unicorns Flexible Time Off (FTO) plus all Federal Holidays, one week for Thanksgiving, and two weeks for Christmas and New Year’s • Paid Parental Leave • Reimbursement for approved trainings/subscriptions • Conferences (travel, lodging, and fees)