Chief Information Security Officer- CISO (R2887)

Are you a visionary leader with a passion for cybersecurity and a knack for building robust security frameworks? Do you have the expertise to protect critical assets and the strategic insight to align security initiatives with business goals? If you thrive in a high-stakes environment where your decisions directly impact the safety and security of an organization, Shield AI is the place for you! 

As the Chief Information Security Officer (CISO) at Shield AI, you will lead the charge in fortifying our cybersecurity defenses, ensuring the protection of corporate intellectual property and classified information. This role blends strategic leadership with hands-on technical expertise to create and maintain a security-first culture across the organization. 

What you'll do:

• Strategic Leadership: Lead, manage and grow a high-performing cybersecurity and information security team (team of 4), aligning their efforts with Shield AI’s overall strategic objectives. 
• Security Policy Development: Develop, implement, and enforce comprehensive cybersecurity policies that protect the company’s assets, data, and intellectual property at all levels of classification. 
• Risk Management: Conduct thorough risk assessments, develop and implement mitigation strategies, and ensure compliance with regulatory and legal standards. 
• Incident Response and Recovery: Oversee the monitoring, management, and resolution of security incidents, ensuring swift recovery and minimal impact on operations. 
• Cybersecurity Strategy: Develop, execute, and continuously refine a cybersecurity strategy that protects Shield AI’s infrastructure and assets from evolving cyber threats. 
• Security Operations Center Leadership: Lead the operations of the Internal SOC, ensuring it operates at peak efficiency to monitor, detect, and respond to security incidents in real time. 
• Compliance and Governance: Ensure that Shield AI’s cybersecurity practices comply with relevant regulations and standards, such as CMMC, NIST 800-171/53, and ITAR, and lead efforts to maintain these standards. 
• Stakeholder Communication: Regularly brief executives and senior management on the state of cybersecurity within the organization and provide expert guidance on new security initiatives and potential risks. 
• Security Architecture Design: Oversee the development and implementation of a robust security architecture that supports Shield AI’s growth and protects its sensitive information. 
• Cybersecurity Training and Awareness: Implement a comprehensive cybersecurity training and awareness program to cultivate a security-first culture across all levels of the organization. 
• Vendor and Third-Party Risk Management: Manage and evaluate the cybersecurity practices of third-party vendors to ensure they meet Shield AI’s security standards. 
• Cultural Alignment: Foster a cybersecurity culture that aligns with Shield AI’s mission-driven and values-focused environment, ensuring that security is embedded in every aspect of the organization. 
• Leadership Development: Mentor and develop the next generation of cybersecurity leaders within Shield AI, ensuring a strong leadership pipeline for the future. 

Projects you might work on:

• Lead the Internal Security Operations Center (SOC): Establish, manage, and continually enhance the in-house SOC, ensuring 24/7 monitoring and rapid response capabilities to defend against potential threats. 
• Develop a Comprehensive Cybersecurity Strategy: Create and implement a multi-year cybersecurity roadmap that aligns with business objectives, enhances security posture, and prepares the organization for emerging threats. 
• Enhance Cyber Defense Mechanisms: Deploy and integrate advanced security technologies, such as next-generation firewalls, intrusion detection systems, and SIEM platforms, to strengthen the company's cyber defense. 
• Governance, Risk, and Compliance: Lead initiatives to ensure ongoing compliance with relevant cybersecurity regulations, such as CMMC, NIST 800-171/53, and ITAR, and implement a continuous risk management framework. 
• Cybersecurity Awareness and Training: Develop and execute a company-wide security awareness program to build a culture of security, ensuring all employees understand their role in protecting the organization's assets. 
• Vendor and Third-Party Risk Management: Oversee the evaluation and management of third-party vendors and partners to ensure they meet Shield AI’s stringent cybersecurity standards. 
• Incident Response and Recovery: Lead the development and continuous improvement of incident response protocols, ensuring the organization is prepared to swiftly and effectively recover from any security incidents. 
• Security Architecture Design: Oversee the design and implementation of a resilient security architecture that protects sensitive data and supports the organization’s growth. 

Required qualifications:

• Educational Background: B.S. in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent practical experience. 
• Certifications: Professional certifications such as CISSP, CISM, CISA, or GIAC (e.g., GSEC, GCIH, GCFA) are required. 
• Leadership Experience: Proven experience in leading and managing cybersecurity teams, with the ability to align security initiatives with broader business goals. 
• Technical Expertise: Strong foundational knowledge in cybersecurity principles, practices, and technologies, with hands-on experience in implementing and managing security frameworks in complex environments. 
• Compliance Knowledge: Deep understanding of compliance regulations and frameworks, including CMMC, NIST 800-171, NIST 800-53, and ITAR. 
• Risk Management: Demonstrated experience in conducting risk assessments, implementing risk mitigation strategies, and ensuring compliance with regulatory requirements. 
• Problem Solving and Incident Response: Strong analytical and problem-solving skills, with a proactive approach to identifying and addressing security challenges. Proven experience in managing cybersecurity incidents, ensuring swift and effective resolution while minimizing impact on business operations. 
• Communication Skills: Exceptional communication skills, capable of articulating complex security concepts to diverse audiences, including senior leadership and non-technical stakeholders. 

Preferred qualifications:

• Extensive Leadership: 15+ years in cybersecurity and information security, with at least 8+ years in leadership roles, preferably in high-growth or highly regulated environments. 
• Advanced Certifications: Possession of advanced certifications such as CISM, CISSP, or specialized GIAC certifications (e.g., GCFA, GNFA) is highly desirable. 
• Educational Background: A master's degree or higher in Cybersecurity, Information Technology, Computer Science, or a related field is preferred. 
• Defense Contracting Experience: Experience in implementing and assessing U.S. defense contracting information security requirements, including CMMC, NIST standards, and ITAR. 
• Strategic Thinking: Ability to connect cybersecurity strategies to business objectives and develop long-term plans and goals for information security. 
• Program Development: Experience building and scaling cybersecurity programs in organizations facing high-threat environments or operating under strict regulatory frameworks. 
• Cybersecurity Technology Expertise: In-depth knowledge of current and emerging cybersecurity technologies, trends, and best practices, including experience with advanced security tools and frameworks. 
• Cultural Fit: Demonstrated ability to foster a security-first culture that aligns with the mission-driven and values-focused environment of Shield AI. 
• Leadership Development: Proven experience in mentoring and developing cybersecurity professionals, ensuring a strong leadership pipeline for the future.