Castelion is bringing a new approach to defense development and production: one that focuses on short, iterative design cycles, rapid testing in development, and modern commercial manufacturing strategies for production at scale. We're designing, building, and testing next generation long range strike weapons systems to give America and its Allies a definitive edge and deter future conflicts.
Head of Information Security (GCC High, Classified Experience Required)
We are seeking a highly skilled and experienced IT Manager with expertise in managing and overseeing all aspects of information technology within our organization, specifically in compliance with NIST SP 800-171/172 implemented on Microsoft GCC High, CMMC compliance, and ability and experience to also act as our initial ISSM for classified IT systems. The ideal candidate will be responsible for implementing highly reliable security practices across the organization, and set the basis for ensuring the reliability, security, and efficiency of our IT systems and infrastructure. It is anticipated that this role will grow a team in time, overseeing both our unclassified and classified IT systems and ensuring the security of all levels of electronic information from determined nation-state level adversaries while still allowing for work to occur, in addition to ensuring compliance with Government mandated standards that may, or may not, support the former. A great candidate will be able to differentiate between these two requirements.
Responsibilities
Manage IT Operations: Oversee the day-to-day operations of all Castelion IT, including infrastructure, systems administration, network security, and user support, ensuring high availability and reliability of all IT services.
Compliance with NIST SP 800-171: Ensure that all IT systems and processes comply with the requirements of our Government contracts as implemented within Microsoft's GCC High, including data protection, encryption, access controls, and other security measures.
IT Security Management: Implement and maintain robust security measures to protect company data and systems from advanced persistent threats independent of whether it's covered in NIST standards.
Strategic Planning: Develop and implement IT strategies and roadmaps aligned with business objectives, leveraging emerging technologies to drive innovation and efficiency.
Classified Network Management: It is anticipated that this role will manage early roll-out and compliance of our classified IT infrastructure in coordination with the Government.
Budget Management: Develop and manage the IT department budget, ensuring cost-effective utilization of resources and adherence to financial constraints.
Vendor Management: Evaluate and manage relationships with IT vendors and service providers, ensuring effective delivery of services and solutions.
Team Leadership: Provide leadership and direction to the IT team, fostering a culture of collaboration, innovation, and continuous improvement.
Training and Development: Identify training needs and opportunities for professional development within the IT team, ensuring that team members have the necessary skills and knowledge to perform their roles effectively.
IT Governance and Compliance: Establish and enforce IT policies, procedures, and standards, ensuring compliance with regulatory requirements and industry best practices.
Disaster Recovery and Business Continuity: Develop and maintain comprehensive disaster recovery and business continuity plans, ensuring minimal disruption to business operations in the event of IT failures or disasters.
Basic Qualifications
Bachelor's degree in Information Technology, Computer Science, or a related field.
Minimum of 5 years of experience in IT management roles, with a strong background in managing IT operations and infrastructure.
Experience with implementation of security practices in GCC High. Desired experience as an ISSO.
Proven track record of implementing and managing IT security measures, including data protection, access controls, and encryption.
Solid understanding of IT governance, risk management, and compliance frameworks and impact on work efficiency and security.
Preferred Skills and Experience
Strong leadership and team management skills, with the ability to motivate and inspire team members to achieve goals and objectives.
Excellent communication and interpersonal skills, with the ability to effectively interact with stakeholders at all levels of the organization.
Relevant demonstrable work experience is preferred over certifications.
Experience working in regulated industries such as government, healthcare, or finance is a plus.
Additional Requirements
Willing and able to work extended hours and/or weekends with minimal notification to meet critical deadlines leading up to major milestones.
Able to travel up to 10% on an ongoing basis
All employees are granted long-term stock incentives as part of their employment as Castelion. All employees receive access to comprehensive medial, vision, and dental insurance, and the company offers three weeks of paid time off per year.
Leadership Qualities
Bias to Action and Creative Problem Solving. Desire and experience questioning assumptions in ways that lead to break through ideas that are ultimately implemented. Successfully bring in applicable processes/concepts/materials from other industries to achieve efficiency gains. Ability to personally resolve minor issues in development without requiring significant support.
High Commitment, High Initiative. A successful candidate will have a genuine passion for Castelion's mission and consistently look for ways to contribute to the company's technical goals and prevent hardware blockers. Ability to work in a fast paced, autonomously driven, and demanding atmosphere. Strong sense of accountability and integrity.
Clear Communicator. Proactively communicates blockers. Trusted in previous roles to be voice of company with regulators, suppliers, gate keepers and customers. Capable of tactfully managing relationships with stakeholders to achieve company-desired outcomes without compromising relationships. Emails, IMs and verbal interactions are logical, drive clarity, and detailed enough to eliminate ambiguity.
ITAR Requirements:
To conform to U.S. Government export regulations, applicant must be a (i) U.S. citizen or national, (ii) U.S. lawful, permanent resident (aka green card holder), (iii) Refugee under 8 U.S.C. § 1157, or (iv) Asylee under 8 U.S.C. § 1158, or be eligible to obtain the required authorizations from the U.S. Department of State.
Employment with Castelion is governed on the basis of competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.