Director Information Security

Knowledge Business Services (KBS) is a leading multidisciplinary organization supporting software, professional services, and cybersecurity solutions across regulated government and commercial markets. KBS provides shared services and governance for multiple operating entities, including Knowledge Services, RAMPquest, RAMPxchange, dot Staff, and other mission-focused business units.

KBS is seeking a Director, Information Security to serve as the senior operational leader responsible for enterprise-wide security strategy, corporate system protection, and regulated product compliance. This role represents a unique opportunity to lead cybersecurity initiatives across both internal corporate environments and SaaS platforms supporting FedRAMP and GovRAMP authorization requirements.

The Director will oversee the development, implementation, and continuous improvement of a comprehensive information security program aligned with business objectives, regulatory standards, and evolving threat landscapes.

• Develop and execute KBS’s enterprise information security strategy across corporate and product environments
• Serve as the senior operational authority for security decision-making, risk prioritization, and program execution
• Provide executive-level reporting and guidance on cybersecurity posture, investments, and emerging risks

• Direct the protection of corporate IT infrastructure, including networks, endpoints, identity systems, and cloud services
• Lead security incident response, investigation, escalation, and remediation activities
• Oversee physical security technologies, disaster recovery coordination, and business continuity planning
• Ensure consistent enforcement of security policies, standards, and operational controls

• Maintain FedRAMP and GovRAMP readiness for KBS SaaS applications and regulated service offerings
• Lead efforts to achieve and sustain authorization status through continuous monitoring and control implementation
• Coordinate internal teams and external stakeholders to support audits, assessments, and authorization milestones
• Ensure product security aligns with NIST 800-53 requirements and applicable government frameworks

• Own and manage the enterprise Governance, Risk, and Compliance (GRC) program and supporting systems
• Build and maintain a scalable security control framework supporting FedRAMP, HIPAA, SOC 2, MARS-E 2.0, and other standards as required
• Oversee internal and third-party security audits, risk assessments, and compliance reporting
• Establish repeatable processes for risk management, control validation, and corrective action tracking
• Lead, mentor, and grow the Information Security team across corporate security and product compliance functions
• Support hiring, onboarding, training, and professional development pathways for security personnel
• Foster a culture of accountability, collaboration, innovation, and continuous improvement

• Direct enterprise-wide security awareness programs and role-based training initiatives
• Ensure security education supports both corporate operations and regulated product responsibilities
• Promote secure‑by‑design practices across technical and non‑technical teams

• Bachelor’s degree in Cybersecurity, Information Technology, or equivalent professional experience
• 5+ years of experience in technical security leadership roles
• Demonstrated expertise in regulated compliance frameworks, including FedRAMP, GovRAMP, and NIST 800‑53
• Experience securing cloud‑native environments, particularly Microsoft Azure
• Strong ability to translate technical risk into business‑aligned decisions and executive communication

• Professional certifications such as CISSP, CISM, CRISC, CISA, CCSP, CAP, or equivalent
• Experience leading authorization efforts for SaaS platforms in government‑regulated markets
• Proven success building scalable security governance programs across multiple business units