Posted today
Top Secret
Executive (SVP, EVP, VP)
Unspecified
Occasional travel
IT - Security
Herndon, VA (On-Site/Office)
Vice President of Information Technology and Security Operations
About Us:
BlackSky is a real-time intelligence company. We own and operate the world's most advanced space-based intelligence platform and provide customers satellite imagery, automated analytics and high-frequency monitoring of strategic locations, economic assets and events from around the globe. BlackSky is trusted by the most demanding allied military and intelligence organizations and commercial companies to deliver foresight into critical matters that affect national security and the economy. BlackSky's data enables governments and businesses to see, understand and anticipate change as it happens, giving them the ultimate strategic advantage so they can act quickly. Our global team works with cutting-edge technology to make a difference around the world and prides itself on being people-first, customer-focused and fun.
As Vice President of Information Technology and Security Operations, you will lead BlackSky’s corporate IT function and enterprise security governance program. Reporting to the CAO and General Counsel, you will be responsible for ensuring the reliability, security, and compliance of BlackSky’s corporate technology environment while serving as the company’s senior voice on information security posture — externally to customers, auditors, and partners, and internally through policy, standards, and mentorship. You will own the compliance and certification requirements that enable BlackSky to compete and deliver in classified and regulated environments.
Responsibilities:
Leadership & Strategic Direction
Lead the corporate IT and security functions, ensuring alignment with business objectives and operational priorities.
Serve as the primary strategic advisor to senior leadership on enterprise security posture, IT initiatives, and risk management.
Develop and execute long-term strategies for corporate IT operations and enterprise security governance focused on prevention, detection, response, and recovery.
Serve as the primary decision authority for corporate IT and enterprise information security matters.
Champion a security-conscious culture across the organization.
Triage and prioritize initiatives across IT and security functions.
Represent BlackSky’s cybersecurity posture externally in customer engagements, BD pursuits, industry events, and audit proceedings.
Corporate and Mission IT Operations
Own BlackSky’s corporate IT infrastructure across processes and architecture.
Lead the corporate IT and security teams with direct management accountability for performance, staffing, and service delivery.
Ensure reliability, availability, and security of enterprise systems, networks, and endpoints.
Evaluate and implement enterprise technology solutions that scale with organizational growth.
Manage vendor relationships, licensing, and third-party service agreements for corporate IT.
Support the design, deployment and maintenance of secure, mission-specific, customer-facing infrastructure and environments.
Security Governance, Compliance & Policy
Lead the development and ongoing implementation of the enterprise compliance program.
Own adherence to key frameworks and certifications, including CMMC, ISO, SOX, CMMI, and other relevant certifications.
Evaluate and recommend additional cybersecurity certifications to pursue based on market positioning and customer requirements.
Develop and maintain the cybersecurity policy and procedure framework.
Serve as cybersecurity and IT signature authority for external entities and commitments.
Manage third-party and supply chain risk assessment and mitigation programs.
Maintain the enterprise risk management program, including oversight of the risk register.
Make informed security determinations for complex network architectures.
Oversee corporate classified facility security requirements, ensuring appropriate cybersecurity staffing and timely customer accreditation deliverables.
Incident Response, Recovery & Resilience
Design and maintain robust incident response strategies for rapid identification, containment, and resolution of breaches and major IT incidents.
Assess incident impacts and strengthen organizational resilience through business continuity and disaster recovery programs.
Ensure full lifecycle incident handling — from triage and response through formal reporting and post-incident recovery.
Collaborate with personnel security teams on insider threat detection, response, and investigation.
Establish and conduct regular incident response and tabletop exercises.
Mentorship, Standards & Cross-Functional Collaboration
Set enterprise cybersecurity standards and best practices that inform execution across engineering practice areas and delivery programs.
Mentor cybersecurity stakeholders and champions across the organization, including those in practice area delivery roles, to drive technical competency and professional growth.
Collaborate with leadership to ensure cybersecurity requirements are understood and addressed in program delivery.
Design and oversee enterprise-wide security awareness and IT training programs with emphasis on scalability and measurable impact.
Budget & Change Management
Own the corporate IT and security budgets with full financial accountability.
Drive change management initiatives to support IT and security governance during organizational transitions, growth, or restructuring.
Partner with senior leadership to periodically assess and optimize organizational structure and resourcing for IT and security functions.
Other responsibilities as needed.
Required Qualifications:
Active TS clearance with SCI eligibility.
Minimum of 10 years of experience in cybersecurity and/or IT operations.
At least five years in senior leadership positions with direct management of teams and budgets.
Strong understanding of compliance frameworks including RMF, CMMC, NIST 800-171, and FISMA.
Experience managing enterprise IT infrastructure.
Experience with auditing and performing control assessments on classified systems and complex network architectures.
Knowledge of government classified contract requirements from an information security perspective.
Experience with incident handling, triage, and full lifecycle incident management.
Demonstrated experience leading enterprise-scale compliance or certification initiatives.
Exceptional verbal, written, interpersonal, and presentation skills.
Deep understanding of ITAR and EAR export control regulations as they apply to IT systems and data classification.
Experience designing and operating control frameworks (ISO 27001, NIST CSF, SOC 2 Type II) and translating framework requirements into operational controls and audit evidence.
Strong communication skills to present complex compliance and risk concepts to technical teams, executive leadership, boards of directors, and external auditors.
Demonstrated ability to lead and mentor teams, manage budgets, and drive cross-functional initiatives.
Bachelor’s degree in a discipline applicable to the position.
Preferred Qualifications:
Experience with Aerospace, Defense, or Federal Contractor industries, including familiarity with CMMC enforcement, DoD contract requirements, and federal compliance culture.
Hands-on experience conducting or participating in CMMC Level 2 assessments or FedRAMP authorizations.
Background in public company SOX compliance, including experience with Audit Committee interactions and SEC reporting requirements.
Professional certifications such as CISSP, CISM, CRISC, Certified Regulatory Compliance Manager (CRCM).
Advanced degree in Cybersecurity, Business Administration, or Engineering.