Chief Information Security Officer

Chief Information Security Officer (CISO) Benefits:

• 401 (k)
• Group Health & Dental Plan
• Short-& Long-Term Disability Insurance
• Life & Voluntary Life Insurance
• Holiday & Vacation Pay
• Employee Assistance Program

Responsible for establishing and leading the enterprise-wide strategy, vision, and program for information security. Ensures the confidentiality, integrity, and availability of digital assets, data, and IT infrastructure by proactively assessing threats, setting strategic direction, and implementing robust security frameworks. Manages cybersecurity risk, compliance, and incident response. Ensures the company follows laws, regulations, and internal policies established in the current Cybersecurity Maturity Model Certification (CMMC) as well as continued developing compliance of the program, identifying risks, training staff, and overseeing audits, acting as a vital leader to prevent misconduct, protect the firm's reputation, and promote ethical operations.

This position is responsible for the following:
Other duties may be assigned.

• Strategic Leadership: Develop, implement, and maintain a comprehensive, risk-based information security strategy and roadmap aligned with a cybersecurity program that protects both the IT infrastructure and systems.
• Government Contracting & Compliance: Serve as the primary authority on CMMC (Cybersecurity Maturity Model Certification) readiness and compliance (NIST SP 800-171/800-172). Ensure compliance with the Maritime Transportation Security Act (MTSA), USCG Cybersecurity Final Rule, and International Maritime Organization (IMO) guidelines.
• Security Operations & Architecture: Oversee security architecture, designing and implementing security controls, policies, and technologies (firewalls, SIEM, IDS/IPS, encryption) to identify, prioritize, and mitigate cybersecurity risks across the entire supply chain.
• Incident Response & Crisis Management: Lead incident response teams, overseeing detection, mitigation, and recovery from security incidents.
• Compliance & Audit: Ensure adherence to industry regulations and internal policies, collaborating with legal, compliance, and external auditors.
• Third-Party
  
  Risk Management:
  
  Evaluate security practices of vendors, partners, and subcontractors to protect Controlled Unclassified Information (CUI) and Federal Contract Information (FCI).
• Reporting & Communication: Regularly report on the organization’s security posture, metrics, and risk management initiatives to the CEO and Board of Directors (if applicable).
• Culture & Awareness: Build a strong security culture by developing employee security awareness by providing role-based training program to employees.
• Budgeting & Resource Management: Manage the security budget, allocating resources efficiently for maximum protection against emerging threats.

Bachelor’s degree in computer science, Cybersecurity, Information Technology, or a related field. 10+ years in information security, with at least 5 years in a senior leadership role, preferably in the maritime, shipping, or critical infrastructure sector. Strong ability to interact with regulatory bodies, auditors, and senior government contracting officers.

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• CMMC Registered Practitioner (RP) or Provisional Assessor (PA)
• Certified Chief Information Security Officer (CCISO)

* An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Equal Employment Opportunity Posters. If you’d like to view a copy of the company’s affirmative action plan or policy statement, please email  If you have a disability and you believe you need a reasonable accommodation in order to search for a job opening or to submit an online application, please e-mail