Director of IT and Cyber

Summary

Join Expansia, a service-disabled veteran-owned company, as their Director of IT and Cyber! This full-time, remote position offers a competitive salary ($158,900-$188,900) and a comprehensive benefits package. You will lead a team providing technical support and managing cybersecurity operations, ensuring compliance with CMMC 2.0 and ISO 27001:2022. The role demands extensive knowledge of DOD cybersecurity requirements and the Risk Management Framework. You will be responsible for overseeing ATO packages, collaborating with government representatives, and evaluating cybersecurity technologies. This position requires a strong background in IT and cybersecurity, ideally with experience in DOD contracting.

Requirements

• Clearance: Eligible to obtain a Top-Secret clearance (or contract required clearance level)
• Travel Requirements: Willingness to travel to user locations within the US periodically
• Experience and Education: Bachelor's (or equivalent) in Computer Science, Information Technology or a related field with 12+ years of relevant experience or a Master's with 10+ years of relevant experience. At least 4 years in a management capacity
• Minimum of 8 years' experience in IT and cybersecurity roles, with at least 5 years of experience in the DOD contracting space
• Extensive knowledge of DOD cybersecurity regulations, standards, and frameworks, including NIST, DFARS, and CMMC
• Proven experience leading ATO development processes and preparing ATO documentation for DOD contracted systems
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Governance, Risk and Compliance (CGRC) or similar certification for a senior cybersecurity manager
• Agile Certifications (Scrum Master, Product Owner, Release Train Engineer, etc)
• Strong understanding of cybersecurity operations, incident response, security architecture, and risk management principles
• Experience with modern software development practices, including Agile/SAFe methodologies, CI/CD, containerization (Docker, Kubernetes), and automated testing
• Familiarity with DevSecOps toolchains, including tools like GitLab/GitHub, SonarQube, Nessus, and AWS Inspector
• Demonstrates strong leadership, integrity, and accountability
• Excellent communication, interpersonal, and oral briefing skills
• Proven ability to mentor teams and set high technical standards across IT, software, and cybersecurity domains
• Mission-focused and committed to supporting our nation’s warfighters
• Results-driven with a passion for transformative outcomes
• Courageous in decision-making and proactive in problem-solving
• Dedicated to continuous learning, growth, and collaboration across all levels of the organization
• Security+ Certification

Responsibilities

• Serve as the DOD RMF SME for EXPANSIA including
• Provide guidance and oversight on the design and implementation of secure architectures for DOD projects
• Provide hands-on support and project guidance for DevSecOps pipeline security, including integration of static and dynamic analysis tools (SAST/DAST), container scanning, and artifact signing
• Lead the development and maintenance of Authority to Operate (ATO) packages, ensuring compliance with DOD cybersecurity standards
• Oversee the preparation of documentation, such as System Security Plans (SSPs) and Risk Assessment Reports (RARs), to support ATO processes
• Coordinate with government representatives and internal teams to facilitate ATO artifact creation, reviews and approvals
• Evaluate and recommend cybersecurity technologies and controls to enhance system security
• Collaborate with engineering teams to integrate security requirements throughout the system development lifecycle
• Advise on Software Bill of Materials (SBOM) generation and software supply chain risk management practices
• Develop and maintain a robust security awareness and training program for DOD project personnel
• Collaborate with technical teams to identify and mitigate vulnerabilities in IT systems and networks
• Assist planning and development teams by removing roadblocks, mentoring, training, and advocating for resources
• Contribute to proposal efforts as required
• Serve as the Director of IT Operations including
• Lead and implement IT and cybersecurity initiatives to optimize processes, improve productivity, and ensure operational quality
• Identify, assess, and mitigate portfolio and project risks to maintain integrity and success
• Oversee external contractors supporting EXPANSIA networks and IT functions
• Recommend and implement IT improvements with a focus on continuous optimization
• Develop and maintain technical solutions and SOPs for incident response, network security, and analytic tools
• Conduct regular risk assessments and security audits to drive prioritized remediation
• Ensure compliance with DoD cybersecurity regulations, including NIST SP 800-171 and DFARS 252.204-7012
• Monitor emerging technology trends to strengthen cybersecurity posture
• Support employee professional development and career growth
• Partner with HR for talent acquisition, onboarding, and offboarding
• Provide day-to-day personnel and performance management for assigned staff
• Build and maintain strong relationships with internal teams and external clients, including leadership
• Develop staffing plans to ensure the right mix of skills and labor for contract execution
• Manage assigned budgets efficiently, optimizing resource allocation and cost control
• Ensure all contract requirements are executed per labor category and contract terms
• Perform additional duties as needed to support organizational and project success

Preferred Qualifications

• Proficiency with at least one scripting or programming language (e.g., Python, PowerShell, JavaScript) for automation, orchestration, or tooling integration
• Hands-on experience designing or managing cloud infrastructure (AWS, Azure, or GCP), especially in GovCloud, Cloud One, or IL5/IL6-classified environments
• Relevant certifications such as CISSP, CISM, or CEH

Benefits

• Health and wellness programs
• Income protection
• Paid leave
• Retirement and savings