Sentinel Blue is looking for a Deputy CISO to join our Information Security team. This role is for an experienced technical security practitioner and leader who is looking to take the next step in their career. Our ideal person for this role is passionate and enthusiastic, an excellent communicator, and a subject matter expert in practical information security; we need someone who can communicate the complex concepts in security to non-technical personnel. Broad experience across many domains of IT and security is desirable. This role will primarily be involved in client-facing activity, serving as an advisor, overseeing technical work, managing organization compliance programs and contributing to training, among other topics. This is a role that the right person will be able to do as much as they want with; there is no ceiling. This role will report to the CISO and have opportunity to take on technical projects internal to the organization along with client activity. This is a client facing role and requires a high level of comfort in social settings.
This is a full-time position that is fully remote. Schedule and hours are flexible. Due to the nature of our work, you must be a U.S. citizen with eligibility for a clearance. No exceptions.
A day in the Deputy CISO role:
The Deputy CISO starts the day with a standup call with the team to cover anything noteworthy for the day. They may next have a check-in call with the SOC team to review any active incidents or threat hunts, or be asked to join the Engineering team for a discussion on an ongoing technical project. The Deputy CISO may next have a client meeting to discuss progress on compliance and will prepare reporting on status of open compliance items. From there, the Deputy CISO may meet with the internal Technology team to review internal tooling and security improvements, such as attack surface reduction. The Deputy CISO will review and audit configurations and reports from the SecOps and TechOps teams and provide oversight and guidance. Next, they may even contribute some code to an internal project, or implement a new security configuration. Additionally, they may need to review and update internal and client documents, such as security plan and policy documents. The Deputy CISO may also be asked to collaborate with our Marketing team to produce meaningful content or arrange to speak at conferences. Throughout the week, the Deputy CISO will be invited to join conversations with junior employees and will be expected to provide education and guidance on security topics.
Responsibilities:
What We Can Offer:
Sentinel Blue is a young company with a focused mission: We're bringing enterprise-class cybersecurity to small and medium sized businesses. Frankly, we're pushing the envelope of how things are done and constantly seeking innovative ways to meet that mission. The pace is fast, and we're always learning new things. This is a great place if you want to expose yourself to new and emerging technologies, want to be challenged, and want to feel the impact of your efforts. The right person will find themselves in a fun, dynamic environment, working on interesting problems and making a real difference. The team is energetic, motivated and high performing; we only hire those we believe will continue to elevate our game.
Requirements:
Desired Qualifications:
Experience in a multi-client environment - experience in managed services is highly desired.
**Experience with NIST 800-171, DFARS 7012 and CMMC is highly desired.
**
**CISSP, CISM, or other prominent security certification demonstrating your expertise in the field.
**
Advanced understanding of security fundamentals (least privilege, RBAC, audit logging, endpoint security, change management)
Experience with Microsoft 365 and Azure, particularly with M365 GCC High and Azure Government is highly desired.
Knowledge and passion for cloud-first architecture, including experience building and deploying systems in Azure
Public speaking and social media content production - this is not required, but for someone interested in developing thought leadership, there is opportunity.
Benefits: