[Remote] Chief Information Security Officer

Note: The job is a remote job and is open to candidates in USA. Skylight is a digital consultancy focused on improving public services for government agencies. The Chief Information Security Officer (CISO) will lead security, compliance, and policy efforts, ensuring alignment with business and regulatory requirements while collaborating with various teams to maintain operational integrity and compliance.

Responsibilities

• Lead the design, implementation, and day-to-day operation of Skylight’s information security and compliance efforts
• Maintain and continuously improve compliance with Skylight’s regulatory requirements, including NIST 800-171, CMMC Level 2, and HIPAA
• Represent Skylight externally for security audits, risk assessments, and communication with external assessors
• Collaborate with the Chief Operating Officer (COO) and CIO to achieve and maintain Skylight’s facility security clearance (FCL)
• Administer and enforce identity and access management across Skylight’s IT infrastructure, including AWS, Azure, Google Cloud Platform (GCP), Google Workspace, and Slack
• Partner with project and delivery teams to integrate security and compliance into project planning, delivery, and client communications
• Lead periodic risk assessments and report findings to the CIO and leadership team to inform decision-making
• Develop and maintain internal security and IT policies, ensuring they’re accessible, practical, and actionable
• Deliver annual security awareness training across the organization
• Collaborate with the CIO to align security priorities with company strategy and resource planning
• Stay current on evolving security practices, technologies, and emerging threats

Skills

• An active security clearance or the eligibility to obtain one
• Hands-on experience with identity and access management (IAM), role-based access control (RBAC), and related concepts in AWS, Azure, and GCP
• Demonstrated success leading security audits or compliance assessments
• Excellent communication and documentation skills, with the ability to explain technical and regulatory concepts in plain language
• Experience enumerating and mitigating organizational vulnerabilities
• Experience mitigating security risks in the software development life cycle at the organizational level
• Ability to interpret and translate non-technical material, such as regulations, into business and technical requirements
• Deep understanding of and achieving compliance with NIST 800-171
• Proven ability to foster trust and collaboration across technical and non-technical teams
• Ability to work successfully within a professional services environment (e.g., can communicate effectively with clients)
• A passion for creating better public outcomes through great government services
• A mindset and work approach that aligns with our core values
• Ability to travel for work from time to time
• Expertise in other relevant regulatory frameworks like CMMC, HIPAA, or FISMA
• Hands-on experience administering Google Workspace
• Professional development experience in at least one programming language
• Professional experience working with infrastructure-as-code
• Prior experience working in the civic tech space
• Experience working in a remote-team environment

Benefits

• Medical insurance, dental insurance, vision insurance
• Short-term and long-term disability insurance
• Life and AD&D insurance
• Dependent care FSA, healthcare FSA, health savings account
• Dollar-for-dollar 401(k) match up to 10% of your salary with no vesting period
• Flexible paid-time-off policy (generally around 25 days per year), plus 11 paid federal holidays
• Up to 12 weeks paid-time-off for all eligible new birth, adoption, or foster parents
• Performance rewards, including annual salary increase, annual performance bonus, spot bonuses, and stock options
• Business development / sales bonuses
• Referral bonuses
• Annual $2,000 allowance for professional development
• Annual $750 allowance for tech-related purchases
• Annual swag budget of $100 to display your Skylight pride with some merchandise (hoodies, hats, and more)
• Dollar-for-dollar charity donation matching, up to $500 per year
• Flexible, remote-friendly work environment
• An environment that empowers you to unleash your superpowers for public good

Company Overview

• Skylight is a digital consultancy using design and technology to help government agencies deliver better public services. It was founded in 2017, and is headquartered in Sarasota, Florida, USA, with a workforce of 51-200 employees. Its website is https://skylight.digital/.

Apply tot his job Apply To this Job