Head of Information Security / CISO Job at Umbra, Santa Barbara, CA

  • Umbra
  • Santa Barbara, CA

Job Description

Umbra builds next-generation space systems that observe the Earth in unprecedented fidelity. Our mission: Deliver global omniscience. To stay ahead of climate change, geopolitical risk, and other major crises and issues, we need a global understanding of what is changing, where, and how fast. Umbra provides easy access to the highest quality commercial satellite data available, which is an indispensable tool for the growing number of organizations monitoring the Earth. We empower our customers to create the solutions that inform, inspire, and address our planet’s most pressing needs. We’re helping to create a brand new industry that has never meaningfully existed before.

The Head of Information Security / CISO is an experienced executive leadership position that will drive the organization’s integrated information security vision and infrastructure in alignment with Umbra’s mission and goals. This position is charged with protecting the company's sensitive information, systems, and networks. The leader who occupies this position must have an expert understanding of applied cybersecurity in a corporate IT environment, as well as an expert ability to clearly communicate with both internal and external government stakeholders.

A successful candidate will work with our software, space systems, IT, legal, industrial security, and customer-facing teams to understand our unique security challenges. They will reconcile requirements, define Umbra’s information security strategy, and implement business-aligned security processes.

This position requires regular in-office presence in either Santa Barbara, CA or Arlington, VA and the ability to travel CONUS to support customer engagements and business needs (

Key Responsibilities

Information Security
  • Safeguard information and information systems against unauthorized access and use.
  • Implement and maintain an information security governance framework and oversee the development and implementation of related practices and procedures.
  • Oversee the structure of corporate information storage and the related application of security permission groups.
  • Oversee information system security operations, including monitoring, detection, and response to security threats and vulnerabilities.

Cybersecurity
  • Develop and implement a cybersecurity program.
  • Manage threat intelligence and vulnerability management processes.
  • Oversee incident response and forensic investigation processes.
  • Implement data protection and encryption strategies.
  • Guide the Umbra IT team in the implementation of security monitoring and analytics capabilities as required to implement the cybersecurity program.

Regulatory and Contractual Support
  • Provide technical expertise to assist legal personnel in defining compliance with respect to relevant regulations and contractual obligations (e.g., NIST 800-171, CMMC, DFARS).

Program and Project Management
  • Facilitate integration of information security projects and initiatives into enterprise-wide strategic planning and roadmap development via scaled agile implementation processes.
  • Manage information security projects and initiatives.
  • Manage security budgets and resource allocation.
  • Provide security guidance and support to program and project teams.
  • Collaborate with stakeholders, including government agencies, major defense prime contractors, and commercial customers.

Security Vision
  • Develop and communicate the organization's information security strategy and vision.
  • Ensure that the security strategy is aligned with the overall business objectives and vision of the company. This involves understanding the company’s mission, goals, and operational needs and integrating security measures that support and enhance these objectives without unduly impeding productivity.

Security Leadership
  • Promote a strong security culture and awareness across the organization.
  • Represent the organization in industry forums and external engagements as required, and as the Head of Information Security and Chief Information Security Officer where appropriate.
  • Provide executive-level reporting and advisory services to senior leadership.
  • Provide leadership and direction to the information security team, including recruiting, mentoring, and developing staff.

Continuous Improvement
  • Drive continuous improvement initiatives in information security practices.
  • Stay updated with emerging threats, technologies, and industry best practices.
  • Manage information security training across the company and professional development programs for security teams.
  • Perform other professional duties as assigned.

Required Qualifications

Education and Certifications:
  • Degree in Information Systems, Computer Science, Engineering or related field.
  • Industry certifications such as CISSP, CISM, CRISC or equivalent.
  • Active Top Secret clearance with SCI eligibility is required.

Extensive Experience:
  • 12+ years of senior leadership experience spanning commercial and defense/classified environments, preferably in the defense, aerospace or technology security sector.
  • Demonstrable success leading large, global security and risk management programs for complex organizations of 100+ people.

Technical Expertise:
  • Deep expertise in cybersecurity frameworks and architectures (Zero Trust, cloud security, DevSecOps etc.), secure agile/DevOps environments, and CI/CD processes.
  • Extensive knowledge of security technologies (SIEM, SOAR, EDR, firewalls, IAM, DLP etc.).
  • Experience developing, implementing and managing information security programs leveraging risk management principles, security controls and mitigation strategies.
  • Proficiency in cybersecurity standards and compliance requirements (FAR/DFAR, DCAA, NISP, etc.) and cybersecurity frameworks.
  • Experience with security implementation across cloud deployed microservices and SaaS environments.
  • Deep familiarity with government security regulations for classified defense contracts.
  • Willingness and ability to directly implement security controls in advance of building a team.

Leadership and Management Ability:
  • Understand core business drivers and effectively communicate security's value and priorities.
  • Strong track record in facilitating enterprise-wide strategic planning and roadmap development and implementing scaled agile methodologies to lead business-aligned security programs.
  • Strong program and project management skills with experience leading cross-functional initiatives.
  • Success in building and leading high-performance security teams in fast-paced environments.

Business Acumen:
  • Fluency with business operations, risk management, and regulatory compliance requirements.
  • Deep understanding of security disciplines, governance, and operations (risk management, network architecture, security frameworks, penetration testing, etc.).
  • Exceptional leadership and stakeholder engagement skills, with excellent verbal and written interpersonal, communication, and presentation abilities.

Desired Qualifications
  • Direct experience successfully bringing a commercial company into security compliance with DoD or IC customer requirements.
  • Understanding of satellite space and ground systems and related data encryption methodologies.
  • Familiarity with National Reconnaissance Office (NRO) and National Geospatial Intelligence Agency (NGA) systems, security practices, and procedures.

Benefits
  • Flexible Time Off, Sick, Family & Medical Leave
  • Medical, Dental, Vision, Life, LTD, STD (employer funded)
  • Vol Life, Critical Illness, Accidental, Hospital Indemnity, Pet Insurance (employee funded)
  • 401k with 3% non-elective company contribution
  • Stock Options

Umbra is an Equal Opportunity Employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics.

Employment Eligibility Verification

In compliance with federal laws, all hired persons will be required to verify their identity and eligibility to work in the United States by completing the required Employment Eligibility Verification Form (I-9 Form) upon hire.

ITAR/EAR Requirements

This position may include access to technology and/or data that is subject to U.S. export controls pursuant to ITAR and EAR. To comply with federal export controls, all persons hired must be a U.S. citizen, U.S. national, U.S. lawful permanent resident, refugee or asylee as defined by 8 U.S.C. § 1324b(a)(3), or must otherwise be eligible to obtain the required authorizations from the U.S. Department of State and/or U.S. Department of Commerce as applicable.

Pay Transparency

This job posting may span more than one career level. To provide greater transparency to candidates, we share base ranges for all job postings regardless of state. We set standard base pay ranges for all roles based on function and level benchmarked against similar stage growth companies. Final offer amounts are determined by skills, responsibilities and relevant work experience.

Job Tags

Permanent employment, For contractors, Work experience placement, Flexible hours
