Director of Cybersecurity

• You want to make tomorrow better than today. 
• You have a passion for high-speed security and you care about risk management over compliance.
• You believe the biggest vulnerability in any system is time. You live to securely reduce cycle time.
• You enjoy daily decision making and real product delivery.
• You help ensure project success and client satisfaction. 
• You enjoy collaborative teams, pairing with team members, and inviting your clients to participate. 
• You like to work alongside, and learn from, lean and agile leaders. 
• You are a creative problem solver who is comfortable with uncertainty.
• You’re a curious and keen learner who thrives on enhancing your (and our) practices and knowledge.

Drive Rise8’s cybersecurity posture and practice across delivery and client engagements. You’ll own CMMC readiness and compliance, SCG/CUI governance, and act as our cATO SME while building and scaling a high-trust Cyber Practice that supports both internal operations and customer missions. This is a hands-on leadership role that blends technical depth (architecture, DevSecOps, secure cloud operations) with program-level responsibility (SSP/POA&M ownership, audit readiness, customer briefings, staffing and capability delivery).

• Own CMMC (2.0) program delivery end-to-end — policy, System Security Plans (SSPs), POA&Ms, evidence collection, assessor engagements, and audit readiness.
• Lead SCG / CUI governance: define handling policies, training, marking/labeling guidance, and cross-contract controls.
• Serve as the company cATO SME: design and operationalize continuous Authorization-to-Operate approaches, advise customers on sustainment, and integrate continuous monitoring tooling and processes.
• Build and lead the Cyber Practice: define service offerings (advisory, readiness, implementation, managed services), craft go-to-market materials, scope engagements, and own delivery quality.
• Provide technical leadership on secure architecture, cloud security (AWS/Azure/GCP), identity & access management, DevSecOps integration, vulnerability management, SIEM/SOAR operations, and incident response.
• Drive evidence collection and tooling integration to make compliance repeatable and auditable (automation of evidence, drift detection, configuration baselines).
• Support proposals, SOWs, pricing, and technical capture; brief executives and DoD/federal customers on security strategy and risk posture.
  Hire, mentor, and grow cybersecurity staff and contractors; establish OKRs, career bands, and practice playbooks.
• Partner closely with IT, Delivery, Legal, and People Ops to ensure contract-level security obligations are satisfied and sustained.
• Maintain relationships with assessors, auditors, third-party vendors, and MSSPs; select and manage partners as needed.
• Run tabletop exercises, incident post-mortems, and continuous improvement cycles to reduce risk and harden operations.
• Measure and report on cyber KPIs (POA&M closure rate, time-to-remediate, control maturity, audit status) for leadership and customers.

• 10+ years in cybersecurity roles with a minimum of 6 years in a leadership/practice-owner or senior advisory position.
• Demonstrated ownership of CMMC readiness or equivalent federal compliance programs (NIST SP 800-171 / 800-53, DFARS 252.204-7012) — production of SSPs, POA&Ms, and assessment support.
• Hands-on experience operationalizing ATO/cATO models or frequent ATO cycles with federal customers.
• Strong technical background in cloud security (AWS/Azure/GCP), IAM, DevSecOps pipelines, secure configuration baselines, logging/monitoring, and vulnerability management.
• Experience integrating SIEM/SOAR, endpoint detection, and continuous monitoring tooling into compliance programs.
• Proven ability to translate technical risk into executive-level recommendations and to present to DoD/federal stakeholders.
• Experience hiring, mentoring, and scaling technical teams and practice offerings.
• Excellent written and verbal communication skills; strong client-facing presence and capture support experience.
• Active DoD clearance preferred (Secret minimum); ability to obtain a clearance required.

• Prior experience building or leading a cybersecurity practice / commercial services portfolio.
• Certifications such as CISSP, CISM, or CISA.
• Familiarity with FedRAMP, RMF, or other federal assessment frameworks.
• Experience with automation for evidence collection (IaC scanning, compliance-as-code) and basic scripting/SQL for tooling integrations.
• Background with managed security service models, vendor oversight, or SIEM/SOAR tuning at scale.
• Prior consulting or customer-facing advisory experience in GovCon / DoD space.

The annual salary range for this role as it is posted is $200,000 to $240,000 regardless of final candidate location within the United States. The final job level and annual salary will be determined based on the education, qualification, knowledge, skills, ability, and experience of the final candidate(s), and calibrated against relevant market data and internal team equity. 

• Flexible schedule in a 100% distributed workforce 
• Premium Insurance: We cover up to 100% of the employee premium and up to 80% of the combined dependent premium on our base health plan, depending on pay band. We also cover 100% of the premium for employee and dependent Dental and Vision as well as employee premiums for Life and Disability coverage.
• Retirement: 401k match at 10% gross pay.
• Paid time off (PTO): 4 weeks combined accrued vacation and sick leave, 11 Federal holidays, your birthday, jury duty, and bereavement.
• Education & Training: Accrued budget of up to $3,500 per year for classes, travel, events, and materials.
• Home Office and Merch: We offer $750 per year for home office technology and equipment as well as $100 per year for Rise8 merch from our Swag Store.
• Wellness Budget: To encourage and support a well-rounded healthy lifestyle, we cover 100% reimbursement on a variety of wellness activities and products, up to $500 per calendar year. 
• Rise8 is part of the Life Time Corporate Partner program. In lieu of your $500 annual wellness benefit, you can instead get a $75 monthly credit towards a Life Time membership ($900 annual benefit).
• Equipment: We offer a MacBook Pro