Posted today
Secret
IT - Security
Remote/Hybrid (Off-Site/Hybrid)
A CISO job description for a Service-Disabled Veteran-Owned Small Business (SDVOSB) in the IT field emphasizes compliance with government regulations (like CMMC or NIST frameworks), risk management, and the ability to be both strategic and hands-on with limited resources. The role often involves wearing multiple hats and collaborating closely with other executives and technical staff.
Chief Information Security Officer (CISO)
SteelGate is a proud Service-Disabled Veteran-Owned Small Business (SDVOSB) specializing in innovative IT solutions for federal and commercial clients. We are seeking a highly motivated and experienced Chief Information Security Officer (CISO) to establish and lead our comprehensive information security program. This executive role requires a strategic leader with a hands-on approach to protecting our digital assets and ensuring continuous compliance with rigorous industry and government standards. The CISO will report to the Chief Executive Officer (CEO).
Key Responsibilities
• Strategic Leadership: Develop, implement, and maintain an enterprise-wide information security strategy and vision that aligns with business objectives and growth.
• Governance, Risk, and Compliance (GRC):
o Oversee compliance with all applicable laws, regulations, and industry standards, including but not limited to the NIST Cybersecurity Framework, ISO 27001, and the Cybersecurity Maturity Model Certification (CMMC) requirements essential for federal contracting.
o Conduct regular risk assessments to identify vulnerabilities, prioritize remediation efforts, and report the organization's security posture to executive leadership and the Board of Directors.
o Manage third-party vendor risk, ensuring all partners and suppliers meet necessary security standards.
• Security Operations: Oversee day-to-day security operations, including threat detection, vulnerability management, and incident response planning and execution. Develop and test business continuity and disaster recovery plans to ensure organizational resilience. Implement and manage security technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), and Security Information and Event Management (SIEM) tools.
• Security Architecture & Engineering: Collaborate with IT and product development teams to ensure secure design, development, and implementation of all systems and applications, including secure cloud architecture (AWS, Azure).
• Security Awareness & Culture: Promote a strong, security-conscious culture across the organization by developing and managing routine security awareness and training programs for all employees.
• Budget & Resource Management: Manage the security budget effectively, optimizing resource allocation and demonstrating the return on investment (ROI) for security initiatives.
Requirements:
• Experience: Minimum of 10 years in information security, including 5 years in a leadership role; experience with federal contracting compliance (e.g., CMMC, FedRAMP) is a plus.
• Technical Knowledge: Understanding of cybersecurity principles, frameworks (NIST, ISO 27001), and security technologies.
• Leadership & Communication: Strong leadership and decision-making abilities. Ability to explain complex security concepts to various stakeholders, including executives.
• Education & Certifications: Bachelor's degree in a relevant field; a Master's is preferred. Relevant certifications like CISSP or CISM are highly desirable.
Location: Remote, some travel required
Benefits:
• 401(k)
• 401(k) matching
• Dental insurance
• Health insurance
• Paid time off
• Vision insurance
Schedule:
• 8 hour shift
• Monday to Friday
• On call
STEELGATE LLC is a Service-Disabled, Veteran-Owned Small Business (SDVOSB) that prides itself on hiring top-level Subject Matter Experts (SMEs) proven to exceed deliverable expectations. STEELGATE LLC is focused on solving the hard problems facing our government and commercial clients. Our success lies in blending together relevant domain/functional knowledge with deep expertise in Information Technology, Cybersecurity, Defensive Cyber Operations, cloud-based DevSecOps, Data Analytics & AI, Acquisition and Acquisition Management, and more. STEELGATE LLC has a positive, inclusive workplace environment where all team members and partners work towards mutual success. We have established a reliable reach-back program whereby all SMEs are available to support, advise and directly complete mission deliverables when necessary. STEELGATE LLC has a worldwide reputation as a valued and trustworthy partner. Our can-do attitude and willingness to support any mission requirement set us apart from other small business organizations. Find out more about STEELGATE LLC at www.steelgatellc.com.
We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law.