Chief Information and Security Officer

Company: Innovative Defense Technologies (IDT)
Location: Arlington
Posted on: May 28, 2023

Job Description:

Description

Background Information:Innovative Defense Technologies (IDT), provider of automated software testing, data analysis, and cybersecurity solutions for complex, mission-critical systems in the US Department of Defense (DOD), is seeking a Chief Information Security Officer (CISO) to be based in our Arlington, VA office.

Overview:The CISO will be responsible for maintaining, leading, and improving our overall security program with a strong focus on information technology (IT) and information systems (IS). The CISO will update and roll out a comprehensive cybersecurity strategy that ensures the confidentiality, integrity, and availability of IDT's classified information systems and resources and will ensure compliance with applicable laws and regulations. The CISO will be expected to stay up to date with evolving technological infrastructure demands and oversee the implementation of DevSecOps practices to enhance security throughout IDT's software development lifecycle. The CISO role requires a visionary, positive leadership-focused individual with sound knowledge of physical security and cybersecurity fundamentals for risk management, incident management/response, and offensive engineering.

The ideal candidate is a thought leader, a consensus builder, must be able to translate complex technical concepts to non-technical audiences, and must be able to succinctly categorize and rank levels of risk. The ideal candidate must be customer-oriented and communicate the value of security to the organization to protect its data integrity.

The position has day-to-day supervisory/managerial responsibilities of more than 25 employees across 4 office locations. The CISO reports directly to the CEO.

All applicants must currently possess an active U.S. Top Secret Security Clearance

Responsibilities Include:

• Maintains responsibility for the overall/comprehensive executive level management in the areas of information security, IT, and IS.
• Maintains responsibility for the development, socialization, approval, and implementation of procedures, standards, and policies to protect the privacy and integrity of data.
• Briefs IDT leadership on information security matters and issues.
• Ensures compliance with regulations and security policies.
• Interface with regulatory and compliance organizations such as the Defense Counterintelligence and Security Agency among others.
• Understands and interacts with related disciplines to ensure the consistent application of policies and standards across all technology projects, systems, and services.
• Works with the Procurement Department to ensure that classified information security requirements are appropriately included in contracts with vendors.
• Develops and maintains a document framework of continuously up-to-date information security policies, standards, and guidelines. Provides information and training regarding classified information systems.
• Coordinates the development and implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provides direction, support, and in-house consulting in these areas.
• On a continuous basis, evaluates overall Information Technology security direction of the Company, ensuring that all activities are secure, effective, and efficient.
• Develops strategic budget plans for personnel and non-personnel resources.
• Ensures 24x7 hour coverage for classified information systems.
• Performs other official duties and special projects as assigned.
• Ability to travel 20%.
  Minimum Required Qualifications:
  
  • Bachelor's Degree in Information Systems or related discipline
  • 12+ years of experience in professional, executive-level information security roles including administering Information Technology security policies and procedures for classified programs at multiple security levels.
  • Personnel management experience
  • Direct experience in working with DCSA
    Required Skills and Competencies:
    
    • Strong understanding of information security principles, standards, and practices
    • Experience in security operations, incident response, vulnerability management, and security risk assessments
    • Knowledge of DevSecOps principles and practices, including continuous integration/continuous delivery (CI/CD), automation, and infrastructure as code (IaC)
    • Familiarity with Linux, Windows, VMWare and cloud-based services, such as AWS, Azure, and Google Cloud
    • Understanding of networking concepts and protocols, including TCP/IP, VPN, DNS, and firewalls
    • Experience with identity and access management (IAM) technologies and authentication mechanisms, such as Active Directory, LDAP, SAML, and OAuth
    • Ability to collaborate with cross-functional teams, including software development, infrastructure, compliance, legal, and business stakeholders
    • Excellent problem-solving and decision-making skills, with the ability to analyze complex situations and identify creative solutions
    • Desired Certifications: CISSP, CISM, PMP
      EEO Statement:IDT is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, protected Veteran status, or any other basis protected by federal, state, or local law.

Keywords: Innovative Defense Technologies (IDT), Arlington , Chief Information and Security Officer, Executive , Arlington, Virginia