Chief Information Security Officer

Job not on LinkedIn

🔥 0 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Defense Unicorns

WebsiteLinkedInAll Job Openings

51 - 200 employees

🔒 Cybersecurity

💰 Seed Round on 2022-10

Defense • Software • Cybersecurity

Defense Unicorns is a cutting-edge technology company focused on transforming the way the U. S. Department of Defense (DoD) procures and deploys mission-critical software capabilities. Through its Airgap App Store and Unicorn Delivery Service (UDS), Defense Unicorns offers a centralized marketplace of trusted, pre-approved applications designed for rapid, secure, and compliant deployments in the most secure and complex DoD environments. The company emphasizes speed and reliability in software delivery, catering to various missions across domains such as Army, Navy, Air Force, and Space Force. Defense Unicorns meets the unique challenges of DevSecOps for defense systems, ensuring operational adaptability and security in mission-critical software deployments.

📋 Description

• Develop and execute the enterprise-wide information security strategy, overseeing risk management, governance, compliance, and threat mitigation to protect highly sensitive data, intellectual property, customer environments, and Mission Hero infrastructure. • Serve as the organization's executive risk authority, the final decision-maker on security posture decisions with enterprise-level impact, and primary advisor to the CEO and senior leadership on cyber risk, emerging threats, and business impact. • Partner with the CEO, General Counsel, and business development leadership to align security investments with contract requirements, growth objectives, and mission priorities. • Represent Defense Unicorns' security posture in customer-facing engagements, contract negotiations, government interactions, and partnership discussions. • Provide executive oversight to the Director of Security Compliance and Director of Information Technology, ensuring cohesion between compliance obligations, IT infrastructure, and security operations. • Foster a collaborative, mission-first security culture, one that empowers Unicorns to move fast while minimizing risk to the business and our customers. • Own and execute on a strategy for responsible, cross-cutting AI usage in all functions which enables Unicorns while maintaining a verifiable information security posture. • Adapt Defense Unicorns application security processes to the AI-native threat hunting realities. Operate and scale bug triage and/or bounty programs that are compatible with Open Source software practices and the trends in responsible disclosure. • Build and scale defensive security tooling that enables teams to shift-left and safeguard themselves and their work products, from emergent threats including software supply chain security, advanced security hunting, and advanced foreign actors. • Lead cross-functional efforts to safeguard production infrastructure, cloud platforms, and mission-critical systems against advanced cyber threats, ensuring resilience, regulatory adherence, and alignment with strategic business objectives. • Build and lead a high-performing security engineering function responsible for securing Defense Unicorns' production environments and customer-facing platforms, including architecture, hardening, threat detection, and defensive controls across cloud, hybrid, and on-premise infrastructure. • Direct strategy for security architecture and infrastructure protection at scale, setting the technical vision while empowering the Director of IT to implement. • Champion automation of security processes to reduce mean time to detection and containment, and drive continuous improvement across security operations. • Serve as the executive sponsor for the Incident Response program, ensuring the function is cross-trained, playbook-ready, and compliant with DFARS 252.204-7012 government notification requirements. • Own the enterprise Governance, Risk, and Compliance (GRC) framework, setting policy standards, defining residual risk thresholds, and ensuring accountability across organizational units. • Provide executive sponsorship for the CMMC Level 2 compliance program, maintaining accountability for DFARS 252.204-7012 and 7021 posture, POA&M governance, and C3PAO assessment readiness across all contract vehicles. • Oversee the third-party risk management (TPRM) program and supply chain risk management aligned to NIST SP 800-161, providing final approval authority on technology investments with compliance implications. • Serve as the executive interface for government regulatory agencies, C3PAO assessors, and auditors. • Report on cyber risk posture, program health, and compliance status to senior leadership on a regular cadence. • Build and sustain a security-aware culture across the organization, one that treats security as mission-enabling, not mission-blocking. • Lead enterprise security awareness and training programs, ensuring all Unicorns and contractors understand their role in maintaining the company's security posture. • Communicate complex security concepts clearly to diverse audiences, from engineers and operators to executives, board members, and government stakeholders. • Advocate for risk-informed decision-making at every level, empowering teams to operate confidently within well-understood guardrails.

🎯 Requirements

• Progressive experience in cybersecurity, information assurance, or a related field, with demonstrated experience in a senior leadership or executive role. • Deep, hands-on familiarity with CMMC Level 2 requirements and NIST SP 800-171; ability to oversee a comprehensive SSP and full assessment objective coverage. • Demonstrated experience leading a DoD contractor compliance program, including DFARS 252.204-7012, SPRS reporting, and SAM.gov obligations. • Proven ability to lead, manage, and develop high-performing security and IT teams, including direct management of director-level reports. • Experience owning or providing executive oversight for an Incident Response function, including government reporting obligations. • Strong GRC and policy governance skills; ability to build and sustain a compliance operations model that is durable through organizational growth and transition. • Exceptional communication skills, able to translate complex regulatory and technical requirements into clear strategic guidance for engineers, operators, executives, and external stakeholders. • Active DoD TS/SCI security clearance.

🏖️ Benefits

• Medical/Dental/Vision • Premiums are 100% Company Paid • Health Savings Account • Life Insurance • Disability Insurance • 401k Retirement Plan • Company Stock Options • Home Office Budget • We offer all full-time Unicorns Flexible Time Off (FTO) plus all Federal Holidays, one week for Thanksgiving, and two weeks for Christmas and New Year’s • Paid Parental Leave • Reimbursement for approved trainings/subscriptions • Conferences (travel, lodging, and fees)