Chief Information Security Officer

🕒 il y a 5 jours

Postuler Maintenant

Trouver des Emplois à Distance Similaires

Recevoir des emails pour des emplois à distance

📊 Vérifiez votre score de CV pour ce poste

Améliorez vos chances d'obtenir un entretien en vérifiant votre score de CV avant de postuler.

Télécharger le CV

Defense Unicorns

Site WebLinkedInTous les Emplois

51 - 200 employés

🔒 Cybersecurity

💰 Seed Round en 2022-10

Defense • Software • Cybersecurity

Defense Unicorns est une entreprise de technologie de pointe dédiée à transformer la façon dont le ministère de la Défense des États-Unis (DoD) acquiert et déploie des capacités logicielles critiques pour les missions. Grâce à son Airgap App Store et à son Unicorn Delivery Service (UDS), Defense Unicorns propose un marché centralisé d'applications de confiance, pré-approuvées pour des déploiements rapides, sécurisés et conformes dans les environnements DoD les plus sécurisés et complexes. L'entreprise met l'accent sur la rapidité et la fiabilité de la livraison de logiciels, répondant à diverses missions à travers des domaines tels que l'armée, la marine, l'armée de l'air et la force spatiale. Defense Unicorns relève les défis uniques de DevSecOps pour les systèmes de défense, assurant l'adaptabilité opérationnelle et la sécurité dans les déploiements de logiciels essentiels.

Description

• Develop and execute the enterprise-wide information security strategy, overseeing risk management, governance, compliance, and threat mitigation to protect highly sensitive data, intellectual property, customer environments, and Mission Hero infrastructure. • Serve as the organization's executive risk authority, the final decision-maker on security posture decisions with enterprise-level impact, and primary advisor to the CEO and senior leadership on cyber risk, emerging threats, and business impact. • Partner with the CEO, General Counsel, and business development leadership to align security investments with contract requirements, growth objectives, and mission priorities. • Represent Defense Unicorns' security posture in customer-facing engagements, contract negotiations, government interactions, and partnership discussions. • Provide executive oversight to the Director of Security Compliance and Director of Information Technology, ensuring cohesion between compliance obligations, IT infrastructure, and security operations. • Foster a collaborative, mission-first security culture, one that empowers Unicorns to move fast while minimizing risk to the business and our customers. • Own and execute on a strategy for responsible, cross-cutting AI usage in all functions which enables Unicorns while maintaining a verifiable information security posture. • Adapt Defense Unicorns application security processes to the AI-native threat hunting realities. Operate and scale bug triage and/or bounty programs that are compatible with Open Source software practices and the trends in responsible disclosure. • Build and scale defensive security tooling that enables teams to shift-left and safeguard themselves and their work products, from emergent threats including software supply chain security, advanced security hunting, and advanced foreign actors. • Lead cross-functional efforts to safeguard production infrastructure, cloud platforms, and mission-critical systems against advanced cyber threats, ensuring resilience, regulatory adherence, and alignment with strategic business objectives. • Build and lead a high-performing security engineering function responsible for securing Defense Unicorns' production environments and customer-facing platforms, including architecture, hardening, threat detection, and defensive controls across cloud, hybrid, and on-premise infrastructure. • Direct strategy for security architecture and infrastructure protection at scale, setting the technical vision while empowering the Director of IT to implement. • Champion automation of security processes to reduce mean time to detection and containment, and drive continuous improvement across security operations. • Serve as the executive sponsor for the Incident Response program, ensuring the function is cross-trained, playbook-ready, and compliant with DFARS 252.204-7012 government notification requirements. • Own the enterprise Governance, Risk, and Compliance (GRC) framework, setting policy standards, defining residual risk thresholds, and ensuring accountability across organizational units. • Provide executive sponsorship for the CMMC Level 2 compliance program, maintaining accountability for DFARS 252.204-7012 and 7021 posture, POA&M governance, and C3PAO assessment readiness across all contract vehicles. • Oversee the third-party risk management (TPRM) program and supply chain risk management aligned to NIST SP 800-161, providing final approval authority on technology investments with compliance implications. • Serve as the executive interface for government regulatory agencies, C3PAO assessors, and auditors. • Report on cyber risk posture, program health, and compliance status to senior leadership on a regular cadence. • Build and sustain a security-aware culture across the organization, one that treats security as mission-enabling, not mission-blocking. • Lead enterprise security awareness and training programs, ensuring all Unicorns and contractors understand their role in maintaining the company's security posture. • Communicate complex security concepts clearly to diverse audiences, from engineers and operators to executives, board members, and government stakeholders. • Advocate for risk-informed decision-making at every level, empowering teams to operate confidently within well-understood guardrails.

🎯 Exigences

• Progressive experience in cybersecurity, information assurance, or a related field, with demonstrated experience in a senior leadership or executive role. • Deep, hands-on familiarity with CMMC Level 2 requirements and NIST SP 800-171; ability to oversee a comprehensive SSP and full assessment objective coverage. • Demonstrated experience leading a DoD contractor compliance program, including DFARS 252.204-7012, SPRS reporting, and SAM.gov obligations. • Proven ability to lead, manage, and develop high-performing security and IT teams, including direct management of director-level reports. • Experience owning or providing executive oversight for an Incident Response function, including government reporting obligations. • Strong GRC and policy governance skills; ability to build and sustain a compliance operations model that is durable through organizational growth and transition. • Exceptional communication skills, able to translate complex regulatory and technical requirements into clear strategic guidance for engineers, operators, executives, and external stakeholders. • Active DoD TS/SCI security clearance.

🏖️ Avantages

• Medical/Dental/Vision • Premiums are 100% Company Paid • Health Savings Account • Life Insurance • Disability Insurance • 401k Retirement Plan • Company Stock Options • Home Office Budget • We offer all full-time Unicorns Flexible Time Off (FTO) plus all Federal Holidays, one week for Thanksgiving, and two weeks for Christmas and New Year’s • Paid Parental Leave • Reimbursement for approved trainings/subscriptions • Conferences (travel, lodging, and fees)