Chief Information Security Office (CISO) at Slingshotaerospace

Meet Slingshot At Slingshot Aerospace, we're on a mission to make space safer and more secure for everyone. Our work directly impacts global security, disaster response, climate monitoring, and the critical infrastructure that connects our world. We're a team of builders, thinkers, and problem-solvers who believe that the next generation of space operations will be powered by better data and smarter software. We move fast, we're not afraid to fail, and we believe the best ideas can come from anywhere—whether you're in engineering, sales, product, or operations. If you want to work on something that truly matters, with people who care deeply about the impact we're making and help shape the future of an industry that's just getting started, you're in the right place. What You’ll Be Launching The Chief Information Security Officer (CISO) will lead and scale Slingshot’s cybersecurity, product security, and compliance programs across enterprise, customer-facing platforms, and operational infrastructure. This role is critical to protecting company assets, enabling government and commercial growth, ensuring trust with defense and national security customers, and embedding security as a core part of mission delivery. We're building a team of sharp, creative people who love solving hard problems. We value curiosity over ego, initiative over waiting for permission, and people who genuinely care about doing great work. Bring your expertise, your fresh ideas, and your drive—we'll bring the rocket fuel. Your Mission (Should you choose to accept it) • Own and execute Slingshot’s cybersecurity strategy across enterprise, product, and operational environments. • Lead readiness and implementation for CMMC, NIST SP 800-171, DFARS, and related government cybersecurity requirements. • Establish and scale secure software development lifecycle (SDLC), application security, and DevSecOps practices. • Design and oversee cloud security architecture across AWS/Azure/GovCloud environments. • Drive audit readiness, including System Security Plans (SSPs), POA&Ms, and continuous monitoring programs. • Partner with Product and Engineering to embed security into development without slowing delivery velocity. Build and operate security monitoring, detection, vulnerability management, and incident response capabilities. • Lead executive-level incident response, including customer communication and regulatory reporting. • Develop and enforce identity, access management, data protection, and logging strategies across systems. • Oversee third-party/vendor risk management and supply chain security, including flowdown requirements. • Partner with the Facility Security Officer (FSO) on classified programs, insider threat initiatives, and industrial security requirements. • Ensure secure handling of CUI/FCI and readiness for customer audits and security questionnaires. • Define and communicate cyber risk to executive leadership, board members, and customers. • Support business development by enabling compliance required to win and execute government contracts. • Build and scale a lean, high-performing security team aligned to company growth. Pre-flight Checklist • 10+ years of experience in cybersecurity, with leadership roles in CISO, Deputy CISO, or Head of Security positions. • Experience supporting defense, aerospace, or government contracting environments. • Strong knowledge of NIST SP 800-171, CMMC, DFARS, CUI, and FCI requirements. • Experience with cloud security architecture (AWS, Azure, GovCloud) and SaaS environments. • Background in product security, including secure SDLC, application security, and threat modeling. • Experience with compliance frameworks such as NIST SP 800-53 and FedRAMP (or FedRAMP-aligned environments). • Demonstrated success leading audits, assessments, and compliance programs (SSPs, POA&Ms, evidence management). • Hands-on experience with security operations, including monitoring, detection, vulnerability management, and endpoint security. • Experience leading incident response efforts and executive-level crisis communication. • Strong understanding of vendor risk management and supply chain security practices. • Ability to translate technical cyber risk into business and mission impact. • Excellent cross-functional collaboration skills across Engineering, Product, Legal, Operations, and Executive Leadership. Bonus Cargo • Experience leading a company through CMMC Level 2 certification. • Experience supporting FedRAMP Moderate/High or agency ATO processes. • Background securing mission-critical or operational technology (OT) systems, including distributed infrastructure or sensor networks. • Familiarity with space operations, satellite systems, or ground-based mission environments. • Active or prior U.S. security clearance. • Experience briefing boards, investors, and government customers. • Proven ability to build scalable security programs in high-growth companies. We're building a constellation here, not looking for identical satellites. Every member of the team brings different capabilities to the same mission. If your orbit intersects with ours and you're mission-ready, send it. Locations: Remote, US Compensation: $175,000-$290,000 US-based Candidates: we are currently only able to hire residents of the following U.S. states: AL, AZ, CA, CO, DC, FL, GA, HI, IL, IN, KS, MA, MD, MI, MN, MO, MT, NC, NJ, NM, NV, NY, OH, OK, OR, RI, TN, TX, UT, VA, WA, WI, WV We are unable to consider candidates residing in other U.S. states at this time. Internationally-based Candidates: we are currently only able to hire residents of the following locations: United Kingdom. We are unable to consider candidates residing in other countries at this time. Equity, Diversity & Inclusion are key to our success. We are an Equal Opportunity Employer and our employees are people with different strengths, experiences, and backgrounds, who share a passion for creating a safer, more connected world. Diversity not only includes race and gender identity, but also national origin, citizenship, sex, color, veteran status, disability, genetic information, or any other protected characteristic that is part of one’s identity. All of our employees’ points of view are key to our success, and we embrace individuality.